jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss Enterprise Application Platform (JEAP) 5.2.0, Red Hat JBoss BRMS 5.3.1, Red Hat JBoss Portal Platform 5.2.2, and Red Hat JBoss SOA Platform 5.3.1, does not properly implement the JSR 160 specification, which allows remote malicious users to execute arbitrary code via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat jboss enterprise application platform 5.2.0 |
||
redhat jboss enterprise portal platform 5.2.2 |
||
redhat jboss enterprise soa platform 5.3.1 |
||
redhat jboss enterprise brms platform 5.3.1 |