فا

‫ Red Hat update for cfme

IRCAD2014033198
ID: IRCAD2014033198
Release Date: 2014-03-14
Criticality level: Highly critical
Software:

Red Hat CloudForms

Description:

Red Hat has issued an update for cfme. This fixes multiple vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.

1) The application allows users to perform certain actions via ServiceController without performing proper validity checks. This can be exploited to execute otherwise restricted, arbitrary method on controller.

Solution

Updated packages are available via Red Hat Network.

References:
RHSA-2014:0215-1:
Red Hat:
Secunia:

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 27 اسفند 1392

امتیاز

امتیاز شما
تعداد امتیازها: 0