Red Hat JBoss vulnerability
Red Hat has announced the finding of a vulnerability that affects JBoss, which is used by the DME Server. The vulnerability can allow Remote Code Execution if not otherwise protected.
DME Server Hotfix
Excitor has produced a DME Server Hotfix that addresses the vulnerability.
The Hotfix can be applied to DME Server version 4.2 SP3 and DME Server version 4.4 SP1. If you have an older version, you need to upgrade to one of these versions before applying the Hotfix (if it is a problem for you to upgrade, please contact Ecommnet Support or if you are an existing user please use the support portal to raise an urgent support ticket).
The Hotfix can be downloaded here:
For more detailed information on the vulnerability see CVE 2015-7501 .