JBoss Application Server DeploymentFileRepository Remote Code Execution Exploit

A directory traversal vulnerability in the DeploymentFileRepository class in JBoss Application Server allows remote attackers who are able to access the console manager to create files on arbitrary locations of the filesystem. This can be abused to gain execution of arbitrary code by sending special HTTP requests to the JMX Console.
Vulnerabilty ID: 
Released Date: 
Tuesday, July 27, 2010 - 19:00