Lucene search

K
redhatRedHatRHSA-2015:2536
HistoryDec 01, 2015 - 8:21 p.m.

(RHSA-2015:2536) Critical: Red Hat JBoss Enterprise Application Platform 6.3 security update

2015-12-0120:21:51
access.redhat.com
42

EPSS

0.018

Percentile

88.4%

Red Hat JBoss Enterprise Application Platform 6 is a platform for Java
applications based on JBoss Application Server 7.

It was found that the Apache commons-collections library permitted code
execution when deserializing objects involving a specially constructed
chain of classes. A remote attacker could use this flaw to execute
arbitrary code with the permissions of the application using the
commons-collections library. (CVE-2015-7501)

Further information about this security flaw may be found at:
https://access.redhat.com/solutions/2045023

All users of Red Hat JBoss Enterprise Application Platform 6.3 on Red Hat
Enterprise Linux 6 are advised to upgrade to these updated packages.
The JBoss server process must be restarted for the update to take effect.