The vulnerability:
JBoss HSQLDB Remote Command Injection Vulnerability http://www.securityfocus.com/bid/8773
Has been addressed in the recent JBoss 3.2.2 release.
Here is the related CVS commit: http://sourceforge.net/mailarchive/message.php?msg_id=6153888
The JBoss 3.0.9 release is not yet available, but the CVS 3.0.x version should have the fix also. The fixed 3.0.9 release should be available soon.
Greetings,
Ricardo Argüello
------------------------------------------------------- This SF.net email is sponsored by OSDN developer relations Here's your chance to show off your extensive product knowledge We want to know what you know. Tell us and you have a chance to win $100 http://www.zoomerang.com/survey.zgi?HRPT1X3RYQNC5V4MLNSV3E54 _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
