The JBoss EAP 430_CP09 security updates for Red Hat Enterprise Linux 4, Red Hat Enterprise Linux 5 and the Customer Support Portal did not, unlike the erratum text stated, provide a fix for CVE-2010-3862, a Denial-of-Service (DoS) flaw in the jboss-remoting component. A missing patch is considered a security regression, and requires a new CVE name. This regression is assigned CVE-2010-4265. It fixes the same issue as CVE-2010-3862 and is specific to JBoss EAP 430_CP09.
This issue has been addressed in following products: JBEAP 4.3.0 for RHEL 4 JBEAP 4.3.0 for RHEL 5 Via RHSA-2010:0964 https://rhn.redhat.com/errata/RHSA-2010-0964.html
This issue has been addressed in following products: JBoss Enterprise Application Platform 4.3.0.CP09 Via RHSA-2010:0965 https://rhn.redhat.com/errata/RHSA-2010-0965.html