Hi, I am using JBOSS 4.2.3 and I have noticed the vulnerability CVE-2014-3604 which seems to be critical to be cleared. I cannot upgrade the JBOSS version due to complexity of the product and I need to know how I can avoid this vulnerability within jboss 4.2.3, may be some patch or configuration change?
please help.