Description
jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss Enterprise Application Platform (JEAP) 5.2.0, Red Hat JBoss BRMS 5.3.1, Red Hat JBoss Portal Platform 5.2.2, and Red Hat JBoss SOA Platform 5.3.1, does not properly implement the JSR 160 specification, which allows remote attackers to execute arbitrary code via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.31)
WordPress Plugin Custom Dashboard & Login Page-AGCA Multiple Unspecified Vulnerabilities (1.5.4.2)
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17307)