Description
The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter.
References (9)
Core 9
Core References
Product x_refsource_confirm
http://sourceforge.net/project/shownotes.php?release_id=549490&group_id=22866
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0213.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0151.html
Exploit x_refsource_confirm
http://jira.jboss.com/jira/browse/JBSEAM-2084
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/26850
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/42631
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/4215
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0158.html
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28077
Scores
EPSS
0.0323
EPSS Percentile
86.8%
Details
CWE
CWE-20
Status
published
Products (1)
jboss/seam
< 2.0.0
Published
Dec 18, 2007
Tracked Since
Feb 18, 2026