oss-sec mailing list archives

CSRF in the JBoss AS 7 administration console & HTTP management API - CVE-2011-3609


From: David Jorm <djorm () redhat com>
Date: Thu, 01 Dec 2011 23:17:05 -0500 (EST)

CVE-2011-3609 has been assigned to a CSRF flaw in the JBoss AS 7 administration console & HTTP management API. A fix 
for this issue is now available in the latest release of AS 7. Details are in Red Hat Bugzilla:

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3609

Thanks to David Black for reporting this flaw.

-- 
David Jorm / Red Hat Security Response Team

