(RHSA-2015:2524) Critical: Red Hat JBoss Operations Network 3.3.4 security update

2015-11-30T21:04:46
ID RHSA-2015:2524
Type redhat
Reporter RedHat
Modified 2019-02-20T17:23:29

Description

Apache Commons Collections is a library built upon Java JDK classes by providing new interfaces, implementations and utilities.

It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)

Further information about this security flaw may be found at: https://access.redhat.com/solutions/2045023

All users of JBoss Operations Network 3.3.4 as provided from the Red Hat Customer Portal are advised to apply this security update.