Directory traversal vulnerability in the DeploymentFileRepository class in JBoss Application Server (jbossas) 3.2.4 up to and including 4.0.5 allows remote authenticated users to read or modify arbitrary files, and possibly execute arbitrary code, via unspecified vectors related to the console manager.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jboss jboss application server 4.0.0_final |
||
jboss jboss application server 4.0.1_final |
||
jboss jboss application server 4.0.1_sp1 |
||
jboss jboss application server 4.0.2_final |
||
jboss jboss application server 3.2.5_final |
||
jboss jboss application server 3.2.6_final |
||
jboss jboss application server 3.2.7_final |
||
jboss jboss application server 4.0.3_final |
||
jboss jboss application server 4.0.4.ga |
||
jboss jboss application server 3.2.8.sp1 |
||
jboss jboss application server 3.2.8_final |
||
jboss jboss application server 4.0.5.ga |