A poison null byte flaw was found in the implementation of the DiskFileItem class in Apache Commons FileUpload. When a serialized DiskFileItem is deserialized, its readObject method takes the repository path from the untrusted stream and creates a temporary file in it; a null byte embedded in that path truncated the path at the native file-system layer, so the file was created at a location of the attacker's choosing rather than under the repository directory. A remote attacker able to supply a serialized instance of the DiskFileItem class, which is then deserialized on the server, could use this flaw to write arbitrary content to any location on the server that is writable by the user running the application server process.
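The check that closes this hole, shown on a stand-in for the serializable part of DiskFileItem. This is an added illustration, not code from Apache Commons FileUpload or from Red Hat; the class UploadItem, its fields and the roundTrip helper are assumptions made for the example, and the poisoned path is constructed input. The readObject method rejects a repository path containing a null character and a repository that is not an existing directory before it touches the file system, which is the shape of the fix in the corrected FileUpload releases.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;

// Added illustration, not code from Apache Commons FileUpload or Red Hat.
// UploadItem stands in for the serializable state of DiskFileItem: a
// repository directory plus buffered content that readObject() flushes to a
// temp file inside that directory as soon as the object is deserialized.
public class PoisonNullByteDemo {

    static class UploadItem implements Serializable {
        private static final long serialVersionUID = 1L;
        private final File repository;   // attacker-controlled in a forged stream
        private final byte[] content;    // attacker-controlled as well
        private transient File tempFile; // created by readObject()

        UploadItem(File repository, byte[] content) {
            this.repository = repository;
            this.content = content;
        }

        private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
            in.defaultReadObject();
            // Validation the vulnerable version lacked. Without it, a repository
            // such as "/var/www/html/shell.jsp\0/ignored" reached the native open()
            // on affected JVMs, which truncated the path at the NUL, so the temp
            // file was written to the attacker's chosen location. Current JDKs
            // reject NUL in File paths themselves, but checking here keeps the
            // guarantee independent of the runtime.
            if (repository != null) {
                if (repository.getPath().indexOf('\0') >= 0) {
                    throw new IOException("repository path contains a null character");
                }
                if (!repository.isDirectory()) {
                    throw new IOException("repository is not a directory: " + repository);
                }
            }
            tempFile = File.createTempFile("upload_", ".tmp", repository);
            Files.write(tempFile.toPath(), content);
        }

        File tempFile() {
            return tempFile;
        }
    }

    // Round-trip through Java serialization, as a server deserializing a
    // client-supplied stream would.
    static UploadItem roundTrip(UploadItem item) throws IOException, ClassNotFoundException {
        ByteArrayOutputStream bytes = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bytes)) {
            out.writeObject(item);
        }
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(bytes.toByteArray()))) {
            return (UploadItem) in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed attacker input: a NUL-poisoned repository path.
        File poisoned = new File("/tmp/target.jsp\0/ignored");
        try {
            roundTrip(new UploadItem(poisoned, "payload".getBytes(StandardCharsets.UTF_8)));
            System.out.println("not rejected (unexpected)");
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }

        // Legitimate input: an existing directory, which passes the checks.
        File dir = Files.createTempDirectory("repo").toFile();
        UploadItem ok = roundTrip(new UploadItem(dir, "hello".getBytes(StandardCharsets.UTF_8)));
        System.out.println("written to " + ok.tempFile());
    }
}
```

The path check only closes this particular write primitive; an application that deserializes attacker-supplied Java objects at all remains exposed to other gadget chains, so the durable fix is to stop accepting serialized objects from untrusted sources or to restrict the classes that may be deserialized.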
This issue has been addressed in the following products: JBEWS 1.0 for RHEL 5; JBEWS 1.0 for RHEL 6. Via RHSA-2013:1428 https://rhn.redhat.com/errata/RHSA-2013-1428.html
This issue has been addressed in the following products: Red Hat JBoss BRMS 5.3.1; Red Hat JBoss Portal 4.3 CP07, 5.2.2 and 6.0.0. Via RHSA-2013:1430 https://rhn.redhat.com/errata/RHSA-2013-1430.html
This issue has been addressed in the following products: Red Hat JBoss Web Server 1.0.2. Via RHSA-2013:1429 https://rhn.redhat.com/errata/RHSA-2013-1429.html
This issue has been addressed in the following products: Red Hat JBoss SOA Platform 4.3.0.GA_CP05; Red Hat JBoss SOA Platform 5.3.1 GA. Via RHSA-2013:1442 https://rhn.redhat.com/errata/RHSA-2013-1442.html
This issue has been addressed in the following products: Red Hat JBoss Operations Network 3.1.2. Via RHSA-2013:1448 https://rhn.redhat.com/errata/RHSA-2013-1448.html
Please note that Satellite 5 is not affected by this vulnerability: defaultReadObject is not used anywhere in its code, so the vulnerable deserialization path is never reached and Satellite is not vulnerable.
This issue has been addressed in the following products: OpenShift Enterprise 3.1 (RHEL 7 version). Via RHSA-2016:0070 https://access.redhat.com/errata/RHSA-2016:0070