Vulnerabilities > Redhat > Jboss Enterprise Application Platform > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-10-03 CVE-2016-7046 Resource Management Errors vulnerability in Redhat Jboss Enterprise Application Platform 7.0
Red Hat JBoss Enterprise Application Platform (EAP) 7, when operating as a reverse-proxy with default buffer sizes, allows remote attackers to cause a denial of service (CPU and disk consumption) via a long URL.
network
high complexity
redhat CWE-399
5.9
2016-09-26 CVE-2016-4993 HTTP Response Splitting vulnerability in Redhat Jboss Enterprise Application Platform
CRLF injection vulnerability in the Undertow web server in WildFly 10.0.0, as used in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
network
low complexity
redhat CWE-113
6.1
2010-04-28 CVE-2010-0738 Unspecified vulnerability in Redhat Jboss Enterprise Application Platform 4.2.0/4.3.0
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.
network
low complexity
redhat
5.3