CVE-2016-3690

CVE-2016-3690

EPSS 5.2%

The PooledInvokerServlet in JBoss EAP 4.x and 5.x allows remote attackers to execute arbitrary code via a crafted serialized payload.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://access.redhat.com/solutions/178393 https://access.redhat.com/solutions/45530 https://bugzilla.redhat.com/show_bug.cgi?id=1327037 http://www.securityfocus.com/bid/99079