Unrated severityNVD Advisory· Published Nov 27, 2006· Updated Apr 23, 2026

CVE-2006-5750

Description

Directory traversal vulnerability in the DeploymentFileRepository class in JBoss Application Server (jbossas) 3.2.4 through 4.0.5 allows remote authenticated users to read or modify arbitrary files, and possibly execute arbitrary code, via unspecified vectors related to the console manager.

Affected products

JBoss/Jboss Application Server12 versions
cpe:2.3:a:jboss:jboss_application_server:3.2.5_final:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:jboss:jboss_application_server:3.2.5_final:*:*:*:*:*:*:*
- cpe:2.3:a:jboss:jboss_application_server:3.2.6_final:*:*:*:*:*:*:*
- cpe:2.3:a:jboss:jboss_application_server:3.2.7_final:*:*:*:*:*:*:*
- cpe:2.3:a:jboss:jboss_application_server:3.2.8_final:*:*:*:*:*:*:*
- cpe:2.3:a:jboss:jboss_application_server:3.2.8.sp1:*:*:*:*:*:*:*
- cpe:2.3:a:jboss:jboss_application_server:4.0.0_final:*:*:*:*:*:*:*
- cpe:2.3:a:jboss:jboss_application_server:4.0.1_final:*:*:*:*:*:*:*
- cpe:2.3:a:jboss:jboss_application_server:4.0.1_sp1:*:*:*:*:*:*:*
- cpe:2.3:a:jboss:jboss_application_server:4.0.2_final:*:*:*:*:*:*:*
- cpe:2.3:a:jboss:jboss_application_server:4.0.3_final:*:*:*:*:*:*:*
- cpe:2.3:a:jboss:jboss_application_server:4.0.4.ga:*:*:*:*:*:*:*
- cpe:2.3:a:jboss:jboss_application_server:4.0.5.ga:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.018
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000