UBUNTU-CVE-2012-2672

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2012-2672

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2012/UBUNTU-CVE-2012-2672.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2012-2672

Related

CVE-2012-2672

Published

2012-06-17T03:41:00Z

Modified

2012-06-17T03:41:00Z

Summary

[none]

Details

Oracle Mojarra 2.1.7 does not properly "clean up" the FacesContext reference during startup, which allows local users to obtain context information an access resources from another WAR file by calling the FacesContext.getCurrentInstance function.

References

Affected packages

Ubuntu:16.04:LTS / mojarra

Package

Name: mojarra
Purl: pkg:deb/ubuntu/mojarra?arch=src?distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.8-2

Affected versions

2.*

2.2.8-1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "2.2.8-2",
            "binary_name": "libjsf-api-java"
        },
        {
            "binary_version": "2.2.8-2",
            "binary_name": "libjsf-java-doc"
        }
    ]
}

Ubuntu:18.04:LTS / mojarra

Package

Name: mojarra
Purl: pkg:deb/ubuntu/mojarra?arch=src?distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.8-5

Affected versions

2.*

2.2.8-3

2.2.8-4

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "2.2.8-5",
            "binary_name": "libjsf-api-java"
        },
        {
            "binary_version": "2.2.8-5",
            "binary_name": "libjsf-java-doc"
        }
    ]
}