The PooledInvokerServlet in JBoss EAP 4.x and 5.x allows remote malicious users to execute arbitrary code via a crafted serialized payload.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat jboss enterprise application platform 5.2.0 |
||
redhat jboss enterprise application platform 5.1.2 |
||
redhat jboss enterprise application platform 5.0.0 |
||
redhat jboss enterprise application platform 4.2.0 |
||
redhat jboss enterprise application platform 4.3.0 |
||
redhat jboss enterprise application platform 5.1.1 |
||
redhat jboss enterprise application platform 5.1.0 |