N/A

An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated privileges.

N/A

N/A

Red Hat JBoss EAP和JBoss Application Server 安全漏洞

Red Hat JBoss Application Server是美国红帽（Red Hat）公司的一款基于Java EE的开源的应用服务器。该产品具有启动超快、轻量、模块化设计、热部署和并行部署、简洁管理、域管理及第一类元件等特性。 Red Hat JBoss EAP 6 Beta版本、JBoss AS 7.1.0版本、7.1.1版本（社区版）中存在提权漏洞。攻击者可利用该漏洞获取提升的权限。

N/A

N/A