Lucene search
HistoryOct 10, 2013 - 12:55 a.m.
CVE-2013-4271
cve-2013-4271
restlet
objectrepresentation class
deserialization
remote code execution
7.2 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
82.1%
The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources, which allows remote attackers to execute arbitrary Java code via a serialized object, a different vulnerability than CVE-2013-4221.
Related
prion
prion
Default configuration
2013-10-10 00:55:00
Default configuration
2013-10-10 00:55:00
github
github
Restlet Arbitrary Java Code Execution via a serialized object
2022-05-17 03:28:57
Restlet is vulnerable to Arbitrary Java Code Execution via crafted XML
2022-05-17 03:28:12
ubuntucve
ubuntucve
CVE-2013-4271
2013-10-10 00:00:00
CVE-2013-4221
2013-10-10 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-07-12 06:19:18
Arbitrary Code Execution
2019-07-12 06:19:18
osv
osv
Restlet Arbitrary Java Code Execution via a serialized object
2022-05-17 03:28:57
Restlet is vulnerable to Arbitrary Java Code Execution via crafted XML
2022-05-17 03:28:12
redhat
redhat
(RHSA-2013:1410) Important: Red Hat JBoss Fuse/A-MQ 6.0.0 patch 4
2013-10-07 00:00:00
cve
cve
CVE-2013-4221
2013-10-10 00:55:00
avleonov
avleonov
CWEs in NVD CVE feed: analysis and complaints
2017-10-21 14:10:30
7.2 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
82.1%
Related for CVE-2013-4271