The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.
Tomcat
Red Hat
Apache
Information Disclosure
Jboss Enterprise Application Platform
+1
NVD
CVSS 2.0
7.5
EPSS
5.3%