Vulnerability Database
Blog
FAQ
Docs
RHSA-2016:1087
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2016:1087
Import Source
https://security.access.redhat.com/data/osv/RHSA-2016:1087.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2016:1087
Related
CVE-2015-5345
CVE-2015-5346
CVE-2015-5351
CVE-2016-0706
CVE-2016-0714
CVE-2016-0763
Published
2024-09-15T23:05:31Z
Modified
2024-09-15T23:05:31Z
Severity
8.8 (High)
CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS Calculator
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 3.0.3 update
Details
References
https://access.redhat.com/errata/RHSA-2016:1087
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Web_Server/3/html-single/3.0.3_Release_Notes/index.html
https://bugzilla.redhat.com/show_bug.cgi?id=1311076
https://bugzilla.redhat.com/show_bug.cgi?id=1311082
https://bugzilla.redhat.com/show_bug.cgi?id=1311085
https://bugzilla.redhat.com/show_bug.cgi?id=1311087
https://bugzilla.redhat.com/show_bug.cgi?id=1311089
https://bugzilla.redhat.com/show_bug.cgi?id=1311093
https://issues.redhat.com/browse/JWS-271
https://issues.redhat.com/browse/JWS-272
https://issues.redhat.com/browse/JWS-276
https://issues.redhat.com/browse/JWS-277
https://issues.redhat.com/browse/JWS-303
https://issues.redhat.com/browse/JWS-304
https://issues.redhat.com/browse/JWS-309
https://issues.redhat.com/browse/JWS-349
https://issues.redhat.com/browse/JWS-350
https://access.redhat.com/security/data/csaf/v2/advisories/2016/rhsa-2016_1087.json
https://access.redhat.com/security/cve/CVE-2015-5345
https://www.cve.org/CVERecord?id=CVE-2015-5345
https://nvd.nist.gov/vuln/detail/CVE-2015-5345
http://seclists.org/bugtraq/2016/Feb/146
https://access.redhat.com/security/cve/CVE-2015-5346
https://www.cve.org/CVERecord?id=CVE-2015-5346
https://nvd.nist.gov/vuln/detail/CVE-2015-5346
http://seclists.org/bugtraq/2016/Feb/143
https://access.redhat.com/security/cve/CVE-2015-5351
https://www.cve.org/CVERecord?id=CVE-2015-5351
https://nvd.nist.gov/vuln/detail/CVE-2015-5351
http://seclists.org/bugtraq/2016/Feb/148
https://access.redhat.com/security/cve/CVE-2016-0706
https://www.cve.org/CVERecord?id=CVE-2016-0706
https://nvd.nist.gov/vuln/detail/CVE-2016-0706
http://seclists.org/bugtraq/2016/Feb/144
https://access.redhat.com/security/cve/CVE-2016-0714
https://www.cve.org/CVERecord?id=CVE-2016-0714
https://nvd.nist.gov/vuln/detail/CVE-2016-0714
http://seclists.org/bugtraq/2016/Feb/145
https://access.redhat.com/security/cve/CVE-2016-0763
https://www.cve.org/CVERecord?id=CVE-2016-0763
https://nvd.nist.gov/vuln/detail/CVE-2016-0763
http://seclists.org/bugtraq/2016/Feb/147
Affected packages
Red Hat:jboss_enterprise_web_server:3.0::el6
/
httpd24
Package
Name
httpd24
Purl
pkg:rpm/redhat/httpd24
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.6-61.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
httpd24-debuginfo
Package
Name
httpd24-debuginfo
Purl
pkg:rpm/redhat/httpd24-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.6-61.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
httpd24-devel
Package
Name
httpd24-devel
Purl
pkg:rpm/redhat/httpd24-devel
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.6-61.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
httpd24-manual
Package
Name
httpd24-manual
Purl
pkg:rpm/redhat/httpd24-manual
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.6-61.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
httpd24-tools
Package
Name
httpd24-tools
Purl
pkg:rpm/redhat/httpd24-tools
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.6-61.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
mod_ldap24
Package
Name
mod_ldap24
Purl
pkg:rpm/redhat/mod_ldap24
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.6-61.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
mod_proxy24_html
Package
Name
mod_proxy24_html
Purl
pkg:rpm/redhat/mod_proxy24_html
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:2.4.6-61.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
mod_security-jws3
Package
Name
mod_security-jws3
Purl
pkg:rpm/redhat/mod_security-jws3
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.8.0-7.GA.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
mod_security-jws3-debuginfo
Package
Name
mod_security-jws3-debuginfo
Purl
pkg:rpm/redhat/mod_security-jws3-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.8.0-7.GA.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
mod_session24
Package
Name
mod_session24
Purl
pkg:rpm/redhat/mod_session24
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.6-61.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
mod_ssl24
Package
Name
mod_ssl24
Purl
pkg:rpm/redhat/mod_ssl24
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:2.4.6-61.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7
Package
Name
tomcat7
Purl
pkg:rpm/redhat/tomcat7
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-50_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7-admin-webapps
Package
Name
tomcat7-admin-webapps
Purl
pkg:rpm/redhat/tomcat7-admin-webapps
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-50_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7-docs-webapp
Package
Name
tomcat7-docs-webapp
Purl
pkg:rpm/redhat/tomcat7-docs-webapp
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-50_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7-el-2.2-api
Package
Name
tomcat7-el-2.2-api
Purl
pkg:rpm/redhat/tomcat7-el-2.2-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-50_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7-javadoc
Package
Name
tomcat7-javadoc
Purl
pkg:rpm/redhat/tomcat7-javadoc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-50_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7-jsp-2.2-api
Package
Name
tomcat7-jsp-2.2-api
Purl
pkg:rpm/redhat/tomcat7-jsp-2.2-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-50_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7-lib
Package
Name
tomcat7-lib
Purl
pkg:rpm/redhat/tomcat7-lib
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-50_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7-log4j
Package
Name
tomcat7-log4j
Purl
pkg:rpm/redhat/tomcat7-log4j
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-50_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7-servlet-3.0-api
Package
Name
tomcat7-servlet-3.0-api
Purl
pkg:rpm/redhat/tomcat7-servlet-3.0-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-50_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7-webapps
Package
Name
tomcat7-webapps
Purl
pkg:rpm/redhat/tomcat7-webapps
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-50_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8
Package
Name
tomcat8
Purl
pkg:rpm/redhat/tomcat8
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-61_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8-admin-webapps
Package
Name
tomcat8-admin-webapps
Purl
pkg:rpm/redhat/tomcat8-admin-webapps
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-61_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8-docs-webapp
Package
Name
tomcat8-docs-webapp
Purl
pkg:rpm/redhat/tomcat8-docs-webapp
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-61_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8-el-2.2-api
Package
Name
tomcat8-el-2.2-api
Purl
pkg:rpm/redhat/tomcat8-el-2.2-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-61_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8-javadoc
Package
Name
tomcat8-javadoc
Purl
pkg:rpm/redhat/tomcat8-javadoc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-61_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8-jsp-2.3-api
Package
Name
tomcat8-jsp-2.3-api
Purl
pkg:rpm/redhat/tomcat8-jsp-2.3-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-61_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8-lib
Package
Name
tomcat8-lib
Purl
pkg:rpm/redhat/tomcat8-lib
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-61_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8-log4j
Package
Name
tomcat8-log4j
Purl
pkg:rpm/redhat/tomcat8-log4j
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-61_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8-servlet-3.1-api
Package
Name
tomcat8-servlet-3.1-api
Purl
pkg:rpm/redhat/tomcat8-servlet-3.1-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-61_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8-webapps
Package
Name
tomcat8-webapps
Purl
pkg:rpm/redhat/tomcat8-webapps
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-61_patch_01.ep7.el6
RHSA-2016:1087 - OSV