Summary
The JBoss Enterprise Application Platform is prone to multiple vulnerabilities, including a remote code-execution issue, a remote denial-of- service issue, and a cross-site request-forgery issue.
Successful exploits can allow attackers to execute arbitrary code within the context of the affected application, perform certain administrative actions, deploy arbitrary WAR files on the server, or cause denial-of-service conditions
other attacks
may also be possible.
These issues affect JBoss Enterprise Application Platform 4.3.0 other
versions may also be affected.
Solution
Updates are available
please see the references for more information.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2010-3708, CVE-2010-3862, CVE-2010-3878 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- RDS / MDAC Vulnerability (msadcs.dll) located
- IBM WebSphere Application Server (WAS) Multiple Vulnerabilities - March 2011
- Serva32 Directory Traversal and Denial of Service Vulnerabilities
- CoreHTTP CGI Support Remote Command Execution Vulnerability
- Lighttpd 'mod_userdir' Case Sensitive Comparison Security Bypass Vulnerability