Red Hat Enterprise Application Platform And WildFly Memory Consumption Vulnerabilities
The information has been provided by Jason Greene from Red Hat.
* Red Hat Enterprise Application Platform before 6.4.4
* Red Hat Enterprise Application Platform after 6.4.4
Several vulnerabilities were reported in JBoss Enterprise Application Platform. A remote user can conduct cross-site request forgery attacks. A remote user can consume excessive memory on the target system. A remote user can conduct click-jacking attacks. A remote user can create a specially crafted HTML page or URL that, when loaded by the target authenticated user, will exploit a flaw in the EAP Web Console and take actions on the target interface acting as the target user.
Original release date: 10/27/2015
Last revised: 10/28/2015