what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 35 RSS Feed

CVE-2015-7501

Status Candidate

Overview

Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.

Related Files

Red Hat Security Advisory 2020-4274-01
Posted Oct 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4274-01 - The Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework. Issues addressed include a code execution vulnerability.

tags | advisory, java, code execution
systems | linux, redhat
advisories | CVE-2015-7501
SHA-256 | 1ef42f7638f6920c5f6747fbe4f6004c8c8d8f1a64e67f89d158eca94035a425
Red Hat Security Advisory 2016-1773-01
Posted Aug 24, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1773-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. The Jenkins continuous integration server has been updated to upstream version 1.651.2 LTS that addresses a large number of security issues, including open redirects, a potential denial of service, unsafe handling of user provided environment variables and several instances of sensitive information disclosure.

tags | advisory, denial of service, info disclosure
systems | linux, redhat
advisories | CVE-2014-3577, CVE-2015-7501, CVE-2016-0788, CVE-2016-0789, CVE-2016-0790, CVE-2016-0791, CVE-2016-0792, CVE-2016-3721, CVE-2016-3722, CVE-2016-3723, CVE-2016-3724, CVE-2016-3725, CVE-2016-3726, CVE-2016-3727
SHA-256 | d21a44fcf349a12558e1bf494277c24c60b24dd0894fb71b09edaef3e3d7f9e4
HP Security Bulletin HPSBMU03612 1
Posted Jun 2, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03612 1 - Multiple potential security vulnerabilities have been identified with HPE Insight Control (IC) on Windows which could be exploited remotely resulting in Denial of Service (DoS), Unauthorized Access, Cross-site scripting (XSS), Execution of Arbitrary code, Disclosure of Sensitive Information,Remote Code Execution and locally resulting in Cross-site Request Forgery (CSRF). Revision 1 of this advisory.

tags | advisory, remote, denial of service, arbitrary, vulnerability, code execution, xss, csrf
systems | windows
advisories | CVE-2007-6750, CVE-2011-4969, CVE-2014-3508, CVE-2014-3509, CVE-2014-3511, CVE-2014-3513, CVE-2014-3567, CVE-2014-3568, CVE-2014-3569, CVE-2015-0205, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2015-3194, CVE-2015-3195, CVE-2015-3237, CVE-2015-6565, CVE-2015-7501, CVE-2015-7547, CVE-2015-7995, CVE-2015-8035, CVE-2016-0705, CVE-2016-0728, CVE-2016-0799, CVE-2016-2015, CVE-2016-2017
SHA-256 | 55b881f2a237e07f9560dcebcf5f78996c72fe03931da60fb9afbd2da087871d
HP Security Bulletin HPSBMU03611 1
Posted May 26, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03611 1 - Multiple potential security vulnerabilities have been identified with the Matrix Operating Environment on Windows and Linux that could be exploited remotely resulting in Denial of Service (DoS), Unauthorized Access, Execution of arbitrary code, Cross-site scripting (XSS), Disclosure of Sensitive Information, Code Execution, and locally resulting in Cross-site Request Forgery (CSRF). Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability, code execution, xss, csrf
systems | linux, windows
advisories | CVE-2009-3555, CVE-2014-3508, CVE-2014-3509, CVE-2014-3511, CVE-2014-3513, CVE-2014-3567, CVE-2014-3568, CVE-2014-3569, CVE-2015-0205, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2015-3194, CVE-2015-3195, CVE-2015-6565, CVE-2015-7501, CVE-2016-0705, CVE-2016-0799, CVE-2016-2017, CVE-2016-2018, CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, CVE-2016-2022, CVE-2016-2026, CVE-2016-2027
SHA-256 | 07f921689053d6bedbb8e1f9fc233c8b5f70902577e1ef3c8ec264ef9e30544e
Red Hat Security Advisory 2016-0118-01
Posted Feb 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0118-01 - Red Hat JBoss Operations Network is a Middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss Operations Network 3.3.5 release serves as a replacement for JBoss Operations Network 3.3.4, and includes several bug fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-3253, CVE-2015-7501
SHA-256 | 7194b9c62a49a65018efc34f3d9462be83103fbaba6fdfadf6ed8ab887078a7f
Red Hat Security Advisory 2016-0040-01
Posted Jan 15, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0040-01 - JBoss Operations Network provides an integrated solution for managing JBoss middleware, other network infrastructure, and applications built on Red Hat Enterprise Application Platform. The Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-7501
SHA-256 | b4942ce747fe27ac157faff88270c785c3daece0bce3e125925311048085e72f
Red Hat Security Advisory 2015-2671-01
Posted Dec 21, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2671-01 - The Jakarta/Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. With this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property "org.apache.commons.collections.enableUnsafeSerialization" to re-enable their deserialization.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-7501
SHA-256 | 255fd5c7c552ccd1e430eb16fa3bd6c12a21497614c3d57bb729f36b13d38515
Red Hat Security Advisory 2015-2670-01
Posted Dec 18, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2670-01 - Apache Commons Collections is a library built upon Java JDK classes by providing new interfaces, implementations and utilities. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-7501
SHA-256 | eb6b898028084584c67bd48cffa7bd9d30bffcbbb214bc9cad86b6cca532b017
Red Hat Security Advisory 2015-2579-01
Posted Dec 8, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2579-01 - Apache Commons Collections is a library built upon Java JDK classes by providing new interfaces, implementations and utilities. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-7501
SHA-256 | 7adc2c95a90db0d9990222bb5593457949914b69ecae0ba90e19645906c7f170
Red Hat Security Advisory 2015-2578-01
Posted Dec 8, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2578-01 - Apache Commons Collections is a library built upon Java JDK classes by providing new interfaces, implementations and utilities. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-7501
SHA-256 | 11d49327f51d20383027a6e0ebd090140db8edb804834efaab6040d374895db4
Red Hat Security Advisory 2015-2560-01
Posted Dec 7, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2560-01 - Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. This release of Red Hat JBoss BPM Suite 6.2.0 serves as a replacement for Red Hat JBoss BPM Suite 6.1.2, and includes bug fixes and enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-0250, CVE-2015-6748, CVE-2015-7501
SHA-256 | b31590bd5428473b82cac74a3e51a9ceeb6c65e056d08c5a155284cc088e7457
Red Hat Security Advisory 2015-2557-01
Posted Dec 7, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2557-01 - Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards-compliant messaging system that is tailored for use in mission critical applications. Red Hat JBoss A-MQ 6.2.1 is a micro product release that updates Red Hat JBoss A-MQ 6.2.0, and includes several bug fixes and enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-3253, CVE-2015-5181, CVE-2015-7501
SHA-256 | 28cad0dd0104739c3ad7b7dd395f265103b51b4d72b5188b28db0b5ee73e6f47
Red Hat Security Advisory 2015-2559-01
Posted Dec 7, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2559-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This release of Red Hat JBoss BRMS 6.2.0 serves as a replacement for Red Hat JBoss BRMS 6.1.2, and includes bug fixes and enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-0250, CVE-2015-6748, CVE-2015-7501
SHA-256 | 8e929ffd0869a3d98996e4284a5dff64f0935663f5489c95527f4db30aa478bd
Red Hat Security Advisory 2015-2556-01
Posted Dec 7, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2556-01 - Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss Fuse 6.2.1 is a micro product release that updates Red Hat JBoss Fuse 6.2.0, and includes several bug fixes and enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-3253, CVE-2015-5181, CVE-2015-7501
SHA-256 | b1396b19aadb57fd2a1b208aef3c84d9a22ce455c5fafafe4a08f679ba817a7b
Red Hat Security Advisory 2015-2548-01
Posted Dec 4, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2548-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. The Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

tags | advisory, java, remote, web, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-7501
SHA-256 | 5a605930055469bf0a06cb8720c4f0e40b41f82493a8b70826524ffdd3916e98
Red Hat Security Advisory 2015-2547-01
Posted Dec 4, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2547-01 - JBoss Operations Network provides an integrated solution for managing JBoss middleware, other network infrastructure, and applications built on Red Hat Enterprise Application Platform. The Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-7501
SHA-256 | cc8640c4388a4a895f95c581dafe20c6a1ab851a9fe6804f2c0d4d6cc2614a2f
Red Hat Security Advisory 2015-2542-01
Posted Dec 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2542-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-5304, CVE-2015-7501
SHA-256 | 769753c23fa44883c0a1cb29228b56da67792c60690a326278743b344879bb60
Red Hat Security Advisory 2015-2541-01
Posted Dec 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2541-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-5304, CVE-2015-7501
SHA-256 | 54ef7d2cacc1fca8cda27da2f49d2e75a9654c0ed2bd911f0f4b661e4ef15620
Red Hat Security Advisory 2015-2540-01
Posted Dec 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2540-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-5304, CVE-2015-7501
SHA-256 | 303793d8561dccbe0bccc7c85fef2a6f2c76c530e82a96fb1bcfba7b1477990e
Red Hat Security Advisory 2015-2539-01
Posted Dec 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2539-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-5304, CVE-2015-7501
SHA-256 | cec179433c8b214af2aeadf23419255ffc44da58f98017b40827dbf4b84b6e92
Red Hat Security Advisory 2015-2538-01
Posted Dec 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2538-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-5304, CVE-2015-7501
SHA-256 | dc3af6c291832609148a6b54f87ef924bfcdea3e964652c58de6588a02d3ef4d
Red Hat Security Advisory 2015-2536-01
Posted Dec 2, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2536-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-7501
SHA-256 | 5e8bbed2f3b25ac34f8aa82ddcbb89fe5dec0fbe452544181c9fe747178a3796
Red Hat Security Advisory 2015-2537-01
Posted Dec 2, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2537-01 - Red Hat JBoss Portal is the open source implementation of the Java EE suite of services and Portal services running atop Red Hat JBoss Enterprise Application Platform. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-7501
SHA-256 | fe1fc6b6187effefed671fb817dc0c8493d76336a870d0bb03e4657b842c8c0a
Red Hat Security Advisory 2015-2534-01
Posted Dec 1, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2534-01 - Apache Commons Collections is a library built upon Java JDK classes by providing new interfaces, implementations and utilities. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-7501
SHA-256 | 82e69af8562a6d2beda47ff7c64a29f5a548afef72a77b9a2f379497188dc9cf
Red Hat Security Advisory 2015-2535-01
Posted Dec 1, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2535-01 - Red Hat JBoss Enterprise Application Platform 5 is a platform for Java applications based on JBoss Application Server 6. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-7501
SHA-256 | 1d209b80d89f5aac30e613d9f23c5927d34aaa7cb1d78b9d220eee948bbc03a0
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close