{"id":"RHSA-2013:1011","summary":"Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 update","modified":"2026-05-15T10:02:00Z","published":"2024-09-15T20:50:45Z","upstream":["CVE-2012-3499","CVE-2012-3544","CVE-2012-4558","CVE-2013-2067","CVE-2013-2071"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2013:1011"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"ARTICLE","url":"https://access.redhat.com/site/documentation/"},{"type":"ARTICLE","url":"https://access.redhat.com/site/documentation/en-US/JBoss_Enterprise_Web_Server/2/html-single/Installation_Guide/index.html"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=915883"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=915884"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=961779"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=961783"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=961803"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1011.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2012-3499"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2012-3499"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3499"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2012-3544"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2012-3544"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3544"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2012-4558"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2012-4558"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4558"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2013-2067"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2013-2067"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2013-2067"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2013-2071"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2013-2071"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2013-2071"}],"affected":[{"package":{"name":"apache-commons-daemon-eap6","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/apache-commons-daemon-eap6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.0.15-4.redhat_1.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"apache-commons-daemon-jsvc-eap6","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/apache-commons-daemon-jsvc-eap6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.0.15-1.redhat_1.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"apache-commons-pool-eap6","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/apache-commons-pool-eap6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.6-6.redhat_4.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"apache-commons-pool-tomcat-eap6","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/apache-commons-pool-tomcat-eap6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.6-6.redhat_4.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"dom4j","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/dom4j"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.6.1-19.redhat_5.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"ecj3","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/ecj3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.7.2-6.redhat_1.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"httpd","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/httpd"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.22-23.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"httpd-devel","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/httpd-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.22-23.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"httpd-manual","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/httpd-manual"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.22-23.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"httpd-tools","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/httpd-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.22-23.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"mod_cluster","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/mod_cluster"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.4-1.Final_redhat_1.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"mod_cluster-demo","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/mod_cluster-demo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.4-1.Final_redhat_1.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"mod_cluster-native","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/mod_cluster-native"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.4-1.Final.redhat_1.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"mod_cluster-tomcat6","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/mod_cluster-tomcat6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.4-1.Final_redhat_1.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"mod_cluster-tomcat7","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/mod_cluster-tomcat7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.4-1.Final_redhat_1.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"mod_jk","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/mod_jk"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.37-2.redhat_1.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"mod_jk-ap22","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/mod_jk-ap22"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.37-2.redhat_1.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"mod_jk-manual","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/mod_jk-manual"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.37-2.redhat_1.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"mod_ssl","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/mod_ssl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.2.22-23.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat-native","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat-native"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.1.27-4.redhat_1.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat6","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.0.37-8_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat6-admin-webapps","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat6-admin-webapps"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.0.37-8_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat6-docs-webapp","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat6-docs-webapp"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.0.37-8_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat6-el-1.0-api","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat6-el-1.0-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.0.37-8_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat6-javadoc","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat6-javadoc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.0.37-8_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat6-jsp-2.1-api","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat6-jsp-2.1-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.0.37-8_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat6-lib","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat6-lib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.0.37-8_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat6-log4j","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat6-log4j"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.0.37-8_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat6-servlet-2.5-api","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat6-servlet-2.5-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.0.37-8_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat6-webapps","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat6-webapps"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.0.37-8_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat7","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.0.40-9_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat7-admin-webapps","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat7-admin-webapps"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.0.40-9_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat7-docs-webapp","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat7-docs-webapp"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.0.40-9_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat7-el-1.0-api","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat7-el-1.0-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.0.40-9_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat7-javadoc","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat7-javadoc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.0.40-9_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat7-jsp-2.2-api","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat7-jsp-2.2-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.0.40-9_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat7-lib","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat7-lib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.0.40-9_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat7-log4j","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat7-log4j"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.0.40-9_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat7-servlet-3.0-api","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat7-servlet-3.0-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.0.40-9_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}},{"package":{"name":"tomcat7-webapps","ecosystem":"Red Hat:jboss_enterprise_web_server:2::el5","purl":"pkg:rpm/redhat/tomcat7-webapps"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.0.40-9_patch_01.ep6.el5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2013:1011.json"}}],"schema_version":"1.7.5"}