CVE-2007-1354
CVE-2007-1354 affects JBoss Application Server’s JMX Console (JBoss AS 4.0.2 and 4.0.5 before 20070416). The flaw is in JMXOpsAccessControlFilter, which stores the current user’s roles in a member variable, enabling a race condition where a remote authenticated administrator could log in during a...