CVE-2013-2165

{"id": "CVE-2013-2165", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-07-23T11:03:11.980", "references": [{"url": "http://jvn.jp/en/jp/JVN38787103/index.html", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000072", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html", "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-1041.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-1042.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-1043.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-1044.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-1045.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://seclists.org/fulldisclosure/2020/Mar/21", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/security/cve/CVE-2013-2165", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=973570", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://jvn.jp/en/jp/JVN38787103/index.html", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000072", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-1041.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-1042.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-1043.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-1044.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-1045.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2020/Mar/21", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/security/cve/CVE-2013-2165", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=973570", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat JBoss Web Platform through 5.2.0, Red Hat JBoss Enterprise Application Platform through 4.3.0 CP10 and 5.x through 5.2.0, Red Hat JBoss BRMS through 5.3.1, Red Hat JBoss SOA Platform through 4.3.0 CP05 and 5.x through 5.3.1, Red Hat JBoss Portal through 4.3 CP07 and 5.x through 5.2.2, and Red Hat JBoss Operations Network through 2.4.2 and 3.x through 3.1.2 does not restrict the classes for which deserialization methods can be called, which allows remote attackers to execute arbitrary code via crafted serialized data."}, {"lang": "es", "value": "ResourceBuilderImpl.java en la implementaci\u00f3n de RichFaces 3.x a 5.x en la implementaci\u00f3n de Red Hat JBoss Web Framework Kit anterior a 2.3.0, Red Hat JBoss Web Platform a 5.2.0, Red Hat JBoss Enterprise Application Platform a 4.3.0 CP10 y 5.x a la 5.2.0, Red Hat JBoss BRMS hasta la 5.3.1, Red Hat JBoss SOA Platform hasta la 4.3.0 CP05 y 5.x hasta la 5.3.1, Red Hat JBoss Portal hasta la 4.3 CP07 y 5.x hasta 5.2.2, y Red Hat JBoss Operations Network hasta 2.4.2 y 3.x hasta la 3.1.2, no restringe las clases para la deserializaci\u00f3n de los m\u00e9todos que pueden ser invocados, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos serializados."}], "lastModified": "2024-11-21T01:51:10.207", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E82B2AD8-967D-4ABE-982B-87B9DE73F8D6"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "424C0428-6E78-42B2-B77A-921116528D06"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5D7F1AD-4BD3-4C37-B6B5-B287464B2EEB"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76D8FCD1-55D5-4187-87DD-39904EDE2EF8"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "972C5C87-E982-44A5-866D-FDEACB5203B8"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C13890AE-5FDE-4698-8A2E-1B2FA0A313AF"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A785F07-9B76-4153-B676-29C9682B2F73"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46849C8D-36E9-4E97-BB49-E04F4EB199E6"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CDC2527-97FE-409D-8DD6-78E085CC73C2"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41B77A70-95E1-4333-90E4-8056389EEE92"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BB18D40-E8EA-4EB7-A25D-15CE6B65E21F"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E911B601-2A14-4C23-81FF-689DBDB79626"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DECC247-477B-4AB3-9FD4-B7B6726A728D"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C70B67DF-8122-40D6-9301-B1DD31D71F55"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6B1CE36-5131-425D-90BD-FC597F27B3E4"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:4.3.0:cp03:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F570DE3-8759-44F9-B515-71889139A443"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:4.3.0:cp04:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5FED015-A1E5-4CDC-9E99-97FA0ED2454D"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:4.3.0:cp05:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D20B3197-3BB8-427B-8B92-D53B200A235A"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:4.3.0:cp06:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A87344DF-9FA8-40B6-98B2-A43FB86BBB6E"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:4.3.0:cp07:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9C9C8B4-693E-4777-BC31-5933147DFC54"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3221242F-802E-418B-BC9D-CFA200D99171"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5472541F-ED83-4656-AE18-1642F571D294"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97165B18-1078-4215-94DA-0B6C4228056E"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A62117F2-5513-4998-8FDC-64564BBD00EC"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D66D2843-0273-4A3A-A9D1-48BBB15031B7"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6572BFDD-0A35-48CC-99A1-2BDE27BABB62"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3451D2AD-BB7B-4149-97C3-2DB1BCC0EF85"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CDEABE3E-DC3E-4B98-8433-4308BBEE6F26"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:cp01:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "70942A41-9089-4313-8B00-5CB92518A349"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:cp02:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "093F7EA4-B190-49A5-AF55-42D4F960EEFE"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:cp03:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75CBF063-6986-4217-BC8E-661B5167AB2A"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:cp04:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F6528B6-1147-4366-8F81-8B380903EAA6"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:cp05:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EF1898E-1A25-442B-865F-1C27B9E5F0D1"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:tp02:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92953D9C-8FF0-4499-A4A4-3B05696D326E"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C57B8004-AF15-4F0F-B9FA-A3CFF7BD42DE"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.3.0:cp01:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66F4FC45-CF67-44E4-96CA-31B537151C7E"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.3.0:cp02:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7CF5F63-C7A8-4787-9620-F5B76A9F0F3E"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.3.0:cp03:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BCA6581-3C94-4B1B-B30F-E0B854A68968"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.3.0:cp04:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23F0650B-C39D-4C7D-8BB9-BBA951BA8AAE"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.3.0:cp05:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67BD448A-745D-4387-ABC8-A18DF142574D"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFB8FED0-E0C6-409C-A2D8-B3999265D545"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFC497FD-503A-463B-A75E-9C4B9B716521"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8F224EE-A5A1-490B-91A5-0196B4168F32"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B72D56E-DE3C-4383-906D-F3DCD9D09CC9"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55661526-BC23-4853-BF6C-E1899D747EC5"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "118B3D27-8BF7-48ED-9D22-564B7D515610"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CD4700B-4C95-426E-ADF6-D165BB3E6F85"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93B87581-F441-4A93-B797-337B7572CC08"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC20F443-4918-46D2-8251-1C8F072B7733"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F20B8708-8EC6-4B0E-9693-131F91A4FC15"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C534793-58E0-45B9-84D7-D21E1C4C9F7B"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38F66D5B-F906-437E-977E-F9F930648886"}, {"criteria": "cpe:2.3:a:redhat:jboss_operations_network:1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC1625FD-302E-457E-BDD1-977DE614CB47"}, {"criteria": "cpe:2.3:a:redhat:jboss_operations_network:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D29DC3CE-E782-47F7-BDF4-4AB63728F05B"}, {"criteria": "cpe:2.3:a:redhat:jboss_operations_network:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF4A10F6-2128-4986-8A28-BD9B679D8380"}, {"criteria": "cpe:2.3:a:redhat:jboss_operations_network:2.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B720DED-23EE-4830-9C8B-441A38DAE80E"}, {"criteria": "cpe:2.3:a:redhat:jboss_operations_network:2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FD44168-A91A-4043-8C34-7A20DC2C1A19"}, {"criteria": "cpe:2.3:a:redhat:jboss_operations_network:2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66926B59-4A4F-47B9-9B2B-3D8DC698BC97"}, {"criteria": "cpe:2.3:a:redhat:jboss_operations_network:2.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D72DFB62-EEA6-4126-9DC3-B191CC8D0CA5"}, {"criteria": "cpe:2.3:a:redhat:jboss_operations_network:2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8DBE132-2A98-40C6-947F-50C1D06DDFB1"}, {"criteria": "cpe:2.3:a:redhat:jboss_operations_network:2.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18EB42B1-D507-4B48-B835-C87AC5CC3650"}, {"criteria": "cpe:2.3:a:redhat:jboss_operations_network:2.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "376C608B-645D-4560-8A7E-4154DCFD2B1F"}, {"criteria": "cpe:2.3:a:redhat:jboss_operations_network:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C077D692-150C-4AE9-8C0B-7A3EA5EB1100"}, {"criteria": "cpe:2.3:a:redhat:jboss_operations_network:3.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DE5BA7D-BEFA-474C-BBD3-4C22F1283182"}, {"criteria": "cpe:2.3:a:redhat:jboss_operations_network:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EFFA4B2-1562-48E0-A598-3C1F8973FDF1"}, {"criteria": "cpe:2.3:a:redhat:jboss_operations_network:3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "495496C9-8CFE-431D-84EB-1C94B7C74E82"}, {"criteria": "cpe:2.3:a:redhat:jboss_operations_network:3.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F57B34F5-66CD-4051-8406-54709C39572F"}, {"criteria": "cpe:2.3:a:redhat:jboss_web_framework_kit:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E43C0ED7-47AA-474B-B1E8-D5358EA40A41", "versionEndIncluding": "2.2.0"}, {"criteria": "cpe:2.3:a:redhat:jboss_web_framework_kit:1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69A1DC5C-28D4-4C03-9B4D-EB474714B530"}, {"criteria": "cpe:2.3:a:redhat:jboss_web_framework_kit:1.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0043DABE-2CF1-46FA-BC11-058EF8800D37"}, {"criteria": "cpe:2.3:a:redhat:jboss_web_framework_kit:1.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6EA16184-345B-47C0-B5C2-2FC47E7BCD87"}, {"criteria": "cpe:2.3:a:redhat:jboss_web_framework_kit:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "910ABBBA-7FAC-4512-801C-3FDB5D7584D3"}, {"criteria": "cpe:2.3:a:redhat:jboss_web_framework_kit:2.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30B541A7-C0DC-4650-9C58-22E4FB14C213"}, {"criteria": "cpe:2.3:a:redhat:richfaces:3.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7714AE54-6EA9-4FF0-995A-EAE7C9EC90A3"}, {"criteria": "cpe:2.3:a:redhat:richfaces:3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF339098-BFB5-4795-84D0-1D4E3CA291C4"}, {"criteria": "cpe:2.3:a:redhat:richfaces:3.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E1D36E4-44D9-4BCB-A5BB-6F9411A1EF02"}, {"criteria": "cpe:2.3:a:redhat:richfaces:3.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E459D64B-4427-45D4-9AD8-27322D472AA5"}, {"criteria": "cpe:2.3:a:redhat:richfaces:3.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BECB4A09-BF7E-4314-9DFA-FB093FD1035F"}, {"criteria": "cpe:2.3:a:redhat:richfaces:3.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA0C4149-1B58-44B4-8A4C-694EC46357B1"}, {"criteria": "cpe:2.3:a:redhat:richfaces:3.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "597510CA-20F6-4BFB-B674-BA2E54510D70"}, {"criteria": "cpe:2.3:a:redhat:richfaces:3.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E67C14B-9CAB-401F-9B8E-367DABC8B403"}, {"criteria": "cpe:2.3:a:redhat:richfaces:3.2.0:sr1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC999E61-A1E7-434F-89C5-D65150FFD3C4"}, {"criteria": "cpe:2.3:a:redhat:richfaces:3.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDDF3150-DB24-45B5-8AE4-E1389BFC7D9E"}, {"criteria": "cpe:2.3:a:redhat:richfaces:3.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C460B1D-6C7D-40B8-8F23-192CCEB68948"}, {"criteria": "cpe:2.3:a:redhat:richfaces:3.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A03D84C-BB68-4564-97F7-8CD326D86B4C"}, {"criteria": "cpe:2.3:a:redhat:richfaces:3.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E2B5531-406B-47EA-A61F-2D3DD07E5BE9"}, {"criteria": "cpe:2.3:a:redhat:richfaces:3.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D2FE027-BF63-4EC9-B743-C7A805A65FCD"}, {"criteria": "cpe:2.3:a:redhat:richfaces:3.3.2:sr1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66F0B040-84E3-44B4-ACE4-0BC9366C064E"}, {"criteria": "cpe:2.3:a:redhat:richfaces:3.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD902B25-B15E-463E-8DF0-7DD0889A2B00"}, {"criteria": "cpe:2.3:a:redhat:richfaces:4.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E27F9EFE-D7CA-46A0-99B2-F4FDE622A9CC"}, {"criteria": "cpe:2.3:a:redhat:richfaces:4.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4A438EF-E450-49DE-B745-3F8034C715DC"}, {"criteria": "cpe:2.3:a:redhat:richfaces:4.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7201416F-1CAC-431E-93A8-74FBB708CC53"}, {"criteria": "cpe:2.3:a:redhat:richfaces:4.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E9C9F20-702E-4943-9AE9-D419BFFFBC45"}, {"criteria": "cpe:2.3:a:redhat:richfaces:4.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E7B1BC4-71B6-4F46-927F-E537A1688CD6"}, {"criteria": "cpe:2.3:a:redhat:richfaces:4.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "730FB8DB-5116-4BF2-9348-F280ACF3D197"}, {"criteria": "cpe:2.3:a:redhat:richfaces:4.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B82F2B98-5B8B-4BA0-912C-0C6C6B5393DA"}, {"criteria": "cpe:2.3:a:redhat:richfaces:4.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "986311E6-C44C-4DFF-A74B-1501DFB9B5A2"}, {"criteria": "cpe:2.3:a:redhat:richfaces:4.5.0:alpha1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D6E0C8B-8901-47F9-A96E-645BE5037666"}, {"criteria": "cpe:2.3:a:redhat:richfaces:5.0.0:alpha1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DA147D3-F295-4DBD-87AD-40C7F9B00C8F"}], "operator": "OR"}]}], "evaluatorComment": "Per: http://www.bleathem.ca/blog/2013/07/richfaces-CVE-2013-2165.html\n\n\"Download RichFaces 3.3.4.Final or RichFaces 4.3.3.Final and use them in your applications to protect yourself from this vulnerability.\"", "sourceIdentifier": "secalert@redhat.com"}