Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title JBoss Enterprise Application Platform security update
Informations
Name RHSA-2008:0158 First vendor Publication 2008-03-24
Vendor RedHat Last vendor Modification 2008-03-24
Severity (Vendor) Moderate Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated JBoss Enterprise Application Platform packages that fix several security issues and bugs are now available for Red Hat Application Stack v1 and v2.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - noarch Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - noarch Red Hat Application Stack v2 for Enterprise Linux (v.5) - noarch

3. Description:

JBEAP is a middleware platform for Java 2 Platform, Enterprise Edition (J2EE) applications.

This release of JBEAP for Red Hat Enterprise Linux 4 contains the JBoss Application Server and JBoss Seam. This release serves as a replacement to JBEAP 4.2.0.GA.

The updated packages address the following security vulnerabilities:

* the JFreeChart component was vulnerable to multiple cross-site scripting (XSS) vulnerabilities. An attacker could misuse the image map feature to inject arbitrary web script or HTML via several attributes of the chart area. (CVE-2007-6306)

* a vulnerability caused by exposing static java methods was located within the HSQLDB component. This could be utilized by an attacker to execute arbitrary static java methods. (CVE-2007-4575)

* the setOrder method in the org.jboss.seam.framework.Query class did not properly validate user-supplied parameters. This vulnerability allowed remote attackers to inject and execute arbitrary EJBQL commands via the order parameter. (CVE-2007-6433)

All users are advised to upgrade to this release of JBEAP, which addresses these vulnerabilities.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

299801 - CVE-2007-4575 OpenOffice.org-base allows Denial-of-Service and command injection 421081 - CVE-2007-6306 JFreeChart: XSS vulnerabilities in the image map feature 426206 - CVE-2007-6433 EJBQL injection via 'order' parameter

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2008-0158.html

CWE : Common Weakness Enumeration

% Id Name
33 % CWE-94 Failure to Control Generation of Code ('Code Injection')
33 % CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)
33 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10153
 
Oval ID: oval:org.mitre.oval:def:10153
Title: HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."
Description: HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."
Family: unix Class: vulnerability
Reference(s): CVE-2007-4575
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18383
 
Oval ID: oval:org.mitre.oval:def:18383
Title: DSA-1419-1 openoffice.org
Description: A vulnerability has been discovered in HSQLDB, the default database engine shipped with OpenOffice.org. This could result in the execution of arbitrary Java code embedded in a OpenOffice.org database document with the user's privilege. This update requires an update of both openoffice.org and hsqldb.
Family: unix Class: patch
Reference(s): DSA-1419-1
CVE-2007-4575
Version: 7
Platform(s): Debian GNU/Linux 4.0
Product(s): openoffice.org
hsqldb
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22393
 
Oval ID: oval:org.mitre.oval:def:22393
Title: ELSA-2007:1048: openoffice.org, hsqldb security update (Moderate)
Description: HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."
Family: unix Class: patch
Reference(s): ELSA-2007:1048-01
CVE-2003-0845
CVE-2007-4575
Version: 13
Platform(s): Oracle Linux 5
Product(s): hsqldb
openoffice.org
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 34
Os 1

OpenVAS Exploits

Date Description
2009-04-09 Name : Mandriva Update for openoffice.org MDVSA-2008:095 (openoffice.org)
File : nvt/gb_mandriva_MDVSA_2008_095.nasl
2009-03-23 Name : Ubuntu Update for hsqldb, openoffice.org/-amd64 vulnerabilities USN-609-1
File : nvt/gb_ubuntu_USN_609_1.nasl
2009-03-06 Name : RedHat Update for openoffice.org2 RHSA-2007:1090-01
File : nvt/gb_RHSA-2007_1090-01_openoffice.org2.nasl
2009-02-27 Name : Fedora Update for openoffice.org FEDORA-2007-4120
File : nvt/gb_fedora_2007_4120_openoffice.org_fc7.nasl
2009-02-27 Name : Fedora Update for openoffice.org FEDORA-2007-4172
File : nvt/gb_fedora_2007_4172_openoffice.org_fc8.nasl
2009-02-27 Name : Fedora Update for openoffice.org FEDORA-2007-762
File : nvt/gb_fedora_2007_762_openoffice.org_fc6.nasl
2009-02-24 Name : Fedora Update for hsqldb FEDORA-2007-4119
File : nvt/gb_fedora_2007_4119_hsqldb_fc7.nasl
2009-02-24 Name : Fedora Update for hsqldb FEDORA-2007-4171
File : nvt/gb_fedora_2007_4171_hsqldb_fc8.nasl
2009-02-17 Name : Fedora Update for openoffice.org FEDORA-2008-4104
File : nvt/gb_fedora_2008_4104_openoffice.org_fc7.nasl
2009-02-17 Name : Fedora Update for openoffice.org FEDORA-2008-9333
File : nvt/gb_fedora_2008_9333_openoffice.org_fc8.nasl
2009-02-17 Name : Fedora Update for openoffice.org FEDORA-2008-7531
File : nvt/gb_fedora_2008_7531_openoffice.org_fc8.nasl
2009-02-17 Name : Fedora Update for openoffice.org FEDORA-2008-5247
File : nvt/gb_fedora_2008_5247_openoffice.org_fc8.nasl
2009-02-17 Name : Fedora Update for openoffice.org FEDORA-2008-5239
File : nvt/gb_fedora_2008_5239_openoffice.org_fc7.nasl
2009-02-17 Name : Fedora Update for openoffice.org FEDORA-2008-3251
File : nvt/gb_fedora_2008_3251_openoffice.org_fc8.nasl
2009-01-28 Name : SuSE Update for OpenOffice_org SUSE-SA:2007:067
File : nvt/gb_suse_2007_067.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200712-25 (openoffice openoffice-bin hsqldb)
File : nvt/glsa_200712_25.nasl
2008-01-17 Name : Debian Security Advisory DSA 1419-1 (openoffice.org, hsqldb)
File : nvt/deb_1419_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
42631 JBoss Seam org.jboss.seam.framework.Query Class getRenderedEjbql Method order...

41845 JFreeChart Image Map Feature Chart Area Multiple Parameter XSS

41844 JFreeChart Image Map Feature Chart Tool Tip Text XSS

41843 JFreeChart Image Map Feature Chart Name XSS

40548 OpenOffice.org (OOo) HSQLDB Database Document Handling Unspecified Arbitrary ...

Nessus® Vulnerability Scanner

Date Description
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0213.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0151.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2007-1048.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20071205_openoffice_org__hsqldb_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20071205_openoffice_org2_on_SL4_5.nasl - Type : ACT_GATHER_INFO
2010-01-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0630.nasl - Type : ACT_GATHER_INFO
2010-01-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0524.nasl - Type : ACT_GATHER_INFO
2010-01-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0261.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2007-1048.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-095.nasl - Type : ACT_GATHER_INFO
2008-05-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-609-1.nasl - Type : ACT_GATHER_INFO
2008-01-27 Name : The remote Fedora host is missing a security update.
File : fedora_2007-4171.nasl - Type : ACT_GATHER_INFO
2008-01-27 Name : The remote Fedora host is missing a security update.
File : fedora_2007-4119.nasl - Type : ACT_GATHER_INFO
2008-01-08 Name : The remote openSUSE host is missing a security update.
File : suse_OpenOffice_org-4802.nasl - Type : ACT_GATHER_INFO
2007-12-31 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200712-25.nasl - Type : ACT_GATHER_INFO
2007-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_OpenOffice_org-4770.nasl - Type : ACT_GATHER_INFO
2007-12-11 Name : The remote Fedora Core host is missing a security update.
File : fedora_2007-762.nasl - Type : ACT_GATHER_INFO
2007-12-11 Name : The remote Fedora host is missing a security update.
File : fedora_2007-4172.nasl - Type : ACT_GATHER_INFO
2007-12-11 Name : The remote Fedora host is missing a security update.
File : fedora_2007-4120.nasl - Type : ACT_GATHER_INFO
2007-12-07 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2007-1090.nasl - Type : ACT_GATHER_INFO
2007-12-07 Name : The remote openSUSE host is missing a security update.
File : suse_OpenOffice_org-4769.nasl - Type : ACT_GATHER_INFO
2007-12-07 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1419.nasl - Type : ACT_GATHER_INFO
2007-12-05 Name : The remote Windows host has a program that allows execution of arbitrary code.
File : openoffice_231.nasl - Type : ACT_GATHER_INFO