This affects all the releases of Jenkins to date (main line releases up
to 1.452 and LTS up to 1.424.3.) Please upgrade to the new releases at
your earliest convenience, especially if your Jenkins is internet facing.
See [1] for more details.
[1]
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-03-05
--
Kohsuke Kawaguchi | CloudBees, Inc. | http://cloudbees.com/
Try Nectar, our professional version of Jenkins