CVE-2014-1972

2015-08-22T19:59:00
ID CVE-2014-1972
Type cve
Reporter NVD
Modified 2015-08-24T12:24:56

Description

Apache Tapestry before 5.3.6 relies on client-side object storage without checking whether a client has modified an object, which allows remote attackers to cause a denial of service (resource consumption) or execute arbitrary code via crafted serialized data.