CVE-2013-1768

NONECVSS 0.0

0.0

The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by creating a serialized object and leveraging improperly secured server programs.

🔗 References (38)

secalert@redhathttp://archives.neohapsis.com/archives/fulldisclosure/2013-06/0099.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2013-1862.html
secalert@redhathttp://svn.apache.org/viewvc?view=revision&revision=1462076
secalert@redhathttp://svn.apache.org/viewvc?view=revision&revision=1462225
secalert@redhathttp://svn.apache.org/viewvc?view=revision&revision=1462268
secalert@redhathttp://svn.apache.org/viewvc?view=revision&revision=1462318
secalert@redhathttp://svn.apache.org/viewvc?view=revision&revision=1462328
secalert@redhathttp://svn.apache.org/viewvc?view=revision&revision=1462488
secalert@redhathttp://svn.apache.org/viewvc?view=revision&revision=1462512
secalert@redhathttp://svn.apache.org/viewvc?view=revision&revision=1462558
secalert@redhathttp://www-01.ibm.com/support/docview.wss?uid=swg1PM86780
secalert@redhathttp://www-01.ibm.com/support/docview.wss?uid=swg1PM86786
secalert@redhathttp://www-01.ibm.com/support/docview.wss?uid=swg1PM86788
secalert@redhathttp://www-01.ibm.com/support/docview.wss?uid=swg1PM86791
secalert@redhathttp://www-01.ibm.com/support/docview.wss?uid=swg21635999

Is Your Infrastructure Affected by CVE-2013-1768?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2013-1768

📅 Published

🔄 Last Modified

🔗 References (38)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2013-1768?