Red Hat update for JBoss Enterprise Web Server
Release Date : 2012-05-08
Criticality level : Moderately critical
Impact : Security Bypass
Manipulation of data
Exposure of sensitive information
Where : From remote
Solution Status : Vendor Patch
Software: JBoss Enterprise Web Server 1.x
JBoss Enterprise Web Server EL5
JBoss Enterprise Web Server EL6
Red Hat has issued an update for JBoss Enterprise Web Server. This fixes two weaknesses and multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and gain escalated privileges and by malicious people to disclose potentially sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service).
Updated packages are available via the Red Hat Customer Portal.