| Max CVSS | 7.5 | Min CVSS | 5.8 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-4608 | 7.5 |
mod_cluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtual hosts, which allows remote attackers to bypass intended access restrictions and provide malicious content, hijack sess
|
13-02-2023 - 03:23 | 27-01-2012 - 15:55 | |
| CVE-2011-4085 | 6.8 |
The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5.1.2, SOA Platform before 5.2.0, BRMS Platform before 5.3.0, and Portal Platform before 4.3 CP07 perform access control only for the GET and POST methods, which a
|
13-02-2023 - 00:20 | 23-11-2012 - 20:55 | |
| CVE-2011-4314 | 5.8 |
message/ax/AxMessage.java in OpenID4Java before 0.9.6 final, as used in JBoss Enterprise Application Platform 5.1 before 5.1.2, Step2, Kay Framework before 1.0.2, and possibly other products does not verify that Attribute Exchange (AX) information is
|
15-02-2013 - 04:50 | 27-01-2012 - 15:55 |