Red Hat Security Advisory 2013-1862-01 - Fuse ESB Enterprise is an integration platform based on Apache ServiceMix. Fuse MQ Enterprise, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications. This release of Fuse ESB Enterprise/MQ Enterprise 7.1.0 R1 P1 is an update to Fuse ESB Enterprise 7.1.0 and Fuse MQ Enterprise 7.1.0. It includes bug fixes.
cc87f20cac05b2c2a2ca841231613b725778a23e0f081c95d5e236ae38911461Red Hat Security Advisory 2013-1410-01 - Red Hat JBoss Fuse 6.0.0, based on Apache ServiceMix, provides an integration platform. Red Hat JBoss A-MQ 6.0.0, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications. Red Hat JBoss Fuse/A-MQ 6.0.0 patch 4 is an update to Red Hat JBoss Fuse 6.0.0 and Red Hat JBoss A-MQ 6.0.0. This update addresses the following security issues: Restlet applications which use ObjectRepresentation to map HTTP request data directly to an object deserialize arbitrary user-provided XML using XMLDecoder. It was found that XMLDecoder deserialized an attacker-provided definition of a class and executed its methods. A remote attacker could use this flaw to perform arbitrary remote code execution in the context of the server running the Restlet application.
a24fddd4e2ba4576b30f95a9dbb4f56350f5ec1ec9fc44a697a1fa670279e6f0
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed