CVE-2005-2158 - Vulnerability Details - OpenCVE

A regression error in the embedded HSQLDB in JBoss jBPM 2.0 allows remote attackers to execute arbitrary comands, a re-introduction of a vulnerability that was originally identified by CVE-2003-0845.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Jboss	Jbpm

Configuration 1 [-]

cpe:2.3:a:jboss:jbpm:2.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://marc.info/?l=bugtraq&m=112051548512338&w=2
http://www.illegalaccess.org/java/jboss.php

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-07-06T04:00:00

Updated: 2024-08-07T22:15:37.623Z

Reserved: 2005-07-06T00:00:00

Link: CVE-2005-2158

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2005-07-06T04:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2005-2158

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-07-03T00:00:00", "descriptions": [{"lang": "en", "value": "A regression error in the embedded HSQLDB in JBoss jBPM 2.0 allows remote attackers to execute arbitrary comands, a re-introduction of a vulnerability that was originally identified by CVE-2003-0845."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20050703 JBoss jBPM 2.0: Remote code execution and classloader covert channel", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=112051548512338&w=2"}, {"tags": ["x_refsource_MISC"], "url": "http://www.illegalaccess.org/java/jboss.php"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-2158", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A regression error in the embedded HSQLDB in JBoss jBPM 2.0 allows remote attackers to execute arbitrary comands, a re-introduction of a vulnerability that was originally identified by CVE-2003-0845."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20050703 JBoss jBPM 2.0: Remote code execution and classloader covert channel", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=112051548512338&w=2"}, {"name": "http://www.illegalaccess.org/java/jboss.php", "refsource": "MISC", "url": "http://www.illegalaccess.org/java/jboss.php"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T22:15:37.623Z"}, "title": "CVE Program Container", "references": [{"name": "20050703 JBoss jBPM 2.0: Remote code execution and classloader covert channel", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=112051548512338&w=2"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.illegalaccess.org/java/jboss.php"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-2158", "datePublished": "2005-07-06T04:00:00", "dateReserved": "2005-07-06T00:00:00", "dateUpdated": "2024-08-07T22:15:37.623Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}