Description of problem: Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors.
This only affects the standalone version of ActiveMQ shipped with JBoss A-MQ. It is fixed in version 6.2.0.
*** This bug has been marked as a duplicate of bug 1258309 ***