[jboss-user] [Tomcat, HTTPD, Servlets & JSP] - JBoss 4.2.2 AS Vulnerability to CVE-2008-2938
frabas1967
do-not-reply at jboss.com
Mon Aug 25 10:08:03 EDT 2008
Hi there,
my first post here.
My security advisor (not to say security watch-dog) ask me if JBoss 4.2.2 is vulnerable to CVE-2008-2938 as stated in http://www.kb.cert.org/vuls/id/343355. This flaw applies to Tomcat 6.x prior to 6.0.18. jboss-4.2.2.GA/docs/licenses/thirdparty-licenses.xml says Tomcat 6.0.10 is used. Any hints on this?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4172312#4172312
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4172312
More information about the jboss-user
mailing list