Illegalaccess.org Security Alert – JBoss 3.2.1, the Java server for running J2EE enterprise applications, is vulnerable to denial of service attacks, log manipulation, manipulation of process variables, and arbitrary command injection.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/31773/jboss.txt
Source: https://packetstormsecurity.com/files/31773/jboss.txt.html