Red Hat Security Advisory 2015-2536-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.
5e8bbed2f3b25ac34f8aa82ddcbb89fe5dec0fbe452544181c9fe747178a3796