Red Hat · Wildfly · CVE-2015-5220
**Name of the Vulnerable Software and Affected Versions**
Red Hat Enterprise Application Platform (EAP) versions prior to 6.4.4
WildFly (formerly JBoss Application Server) versions prior to 6.4.4
**Description**
The issue allows remote attackers to cause a denial of service (memory consumption) via a large request header. This is due to a buffer overflow vulnerability in the Web Console of the affected platforms.
**Recommendations**
For Red Hat Enterprise Application Platform (EAP) versions prior to 6.4.4, update to version 6.4.4 or later.
For WildFly (formerly JBoss Application Server) versions prior to 6.4.4, update to version 6.4.4 or later.