1
Candidate: CVE-2013-0218
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0218
5
https://bugzilla.redhat.com/show_bug.cgi?id=903073
6
http://xforce.iss.net/xforce/xfdb/81725
7
http://secunia.com/advisories/52041
8
http://rhn.redhat.com/errata/RHSA-2013-0207.html
9
http://rhn.redhat.com/errata/RHSA-2013-0206.html
11
The GUI installer in JBoss Enterprise Application Platform (EAP) and
12
Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable
13
permissions for the auto-install XML file, which allows local users to
14
obtain the administrator password and the sucker password by reading this
18
jdstrand> per Debian, Only builds a few libraries, not the full application
21
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=581226
27
upstream_jbossas4: needs-triage
28
hardy_jbossas4: not-affected
29
lucid_jbossas4: not-affected
30
oneiric_jbossas4: not-affected
31
precise_jbossas4: not-affected
32
quantal_jbossas4: not-affected
33
devel_jbossas4: not-affected