Vulnerability Database

CVE-2013-6447

Multiple XML External Entity (XXE) vulnerabilities in the (1) ExecutionHandler, (2) PollHandler, and (3) SubscriptionHandler classes in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and earlier, as used in JBoss Web Framework Kit, allow remote attackers to read arbitrary files and possibly have other impacts via a crafted XML file.

  • Published: Jan 23, 2014
  • Updated: Apr 13, 2023
  • CVE: CVE-2013-6447
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

Software                         From           Fixed in
redhat / jboss_seam_2_framework  2.1.2-cr1      2.1.2-cr1.x
redhat / jboss_seam_2_framework  2.3.0          2.3.0.x
redhat / jboss_seam_2_framework  2.0.0-cr1      2.0.0-cr1.x
redhat / jboss_seam_2_framework  2.2.0-cr1      2.2.0-cr1.x
redhat / jboss_seam_2_framework  2.0.2-ga       2.0.2-ga.x
redhat / jboss_seam_2_framework  2.3.1-cr1      2.3.1-cr1.x
redhat / jboss_seam_2_framework  -              2.3.1.x
redhat / jboss_seam_2_framework  2.0.0-beta1    2.0.0-beta1.x
redhat / jboss_seam_2_framework  2.1.0-alpha1   2.1.0-alpha1.x
redhat / jboss_seam_2_framework  2.1.2-cr2      2.1.2-cr2.x
redhat / jboss_seam_2_framework  2.1.2          2.1.2.x
redhat / jboss_seam_2_framework  2.0.0-cr3      2.0.0-cr3.x
redhat / jboss_seam_2_framework  2.2.2          2.2.2.x
redhat / jboss_seam_2_framework  2.1.0-sp1      2.1.0-sp1.x
redhat / jboss_seam_2_framework  2.1.0-ga       2.1.0-ga.x
redhat / jboss_seam_2_framework  2.1.0-cr1      2.1.0-cr1.x
redhat / jboss_seam_2_framework  2.0.2-sp1      2.0.2-sp1.x
redhat / jboss_seam_2_framework  2.0.1-ga       2.0.1-ga.x
redhat / jboss_seam_2_framework  2.1.1-cr1      2.1.1-cr1.x
redhat / jboss_seam_2_framework  2.2.0-ga       2.2.0-ga.x
redhat / jboss_seam_2_framework  2.2.1-cr3      2.2.1-cr3.x
redhat / jboss_seam_2_framework  2.0.0-cr2      2.0.0-cr2.x
redhat / jboss_seam_2_framework  2.3.0-beta1    2.3.0-beta1.x
redhat / jboss_seam_2_framework  2.0.2-cr1      2.0.2-cr1.x
redhat / jboss_seam_2_framework  2.0.1-cr1      2.0.1-cr1.x
redhat / jboss_seam_2_framework  2.0.3-cr1      2.0.3-cr1.x
redhat / jboss_seam_2_framework  2.1.1-ga       2.1.1-ga.x
redhat / jboss_seam_2_framework  2.3.0-beta2    2.3.0-beta2.x
redhat / jboss_seam_2_framework  2.1.0-beta1    2.1.0-beta1.x
redhat / jboss_seam_2_framework  2.0.1-cr2      2.0.1-cr2.x
redhat / jboss_seam_2_framework  2.2.1-cr1      2.2.1-cr1.x
redhat / jboss_seam_2_framework  2.2.1          2.2.1.x
redhat / jboss_seam_2_framework  2.2.1-cr2      2.2.1-cr2.x
redhat / jboss_seam_2_framework  2.3.0-cr1      2.3.0-cr1.x
redhat / jboss_seam_2_framework  2.1.1-cr2      2.1.1-cr2.x
redhat / jboss_seam_2_framework  2.0.0-ga       2.0.0-ga.x
redhat / jboss_seam_2_framework  2.3.0-alpha    2.3.0-alpha.x
redhat / jboss_seam_2_framework  2.0.2-cr2      2.0.2-cr2.x