CVE-2013-6447
published 2014-01-23CVE-2013-6447: Multiple XML External Entity (XXE) vulnerabilities in the (1) ExecutionHandler, (2) PollHandler, and (3) SubscriptionHandler classes in JBoss Seam Remoting in…
medium5CVSS 3.1
AVNACLAuNCPINAN
Multiple XML External Entity (XXE) vulnerabilities in the (1) ExecutionHandler, (2) PollHandler, and (3) SubscriptionHandler classes in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and earlier, as used in JBoss Web Framework Kit, allow remote attackers to read arbitrary files and possibly have other impacts via a crafted XML file.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | jboss_seam_2_framework | <= 2.3.1 | — |
| redhat | jboss_seam_2_framework | — | — |
| redhat | jboss_seam_2_framework | — | — |
| redhat | jboss_seam_2_framework | — | — |
| redhat | jboss_seam_2_framework | — | — |
| redhat | jboss_seam_2_framework | — | — |
| redhat | jboss_seam_2_framework | — | — |
| redhat | jboss_seam_2_framework | — | — |
| redhat | jboss_seam_2_framework | — | — |
| redhat | jboss_seam_2_framework | — | — |
| redhat | jboss_seam_2_framework | — | — |
| redhat | jboss_seam_2_framework | — | — |
| redhat | jboss_seam_2_framework | — | — |