CVE-2016-0750

2018-09-11T13:29:00
ID CVE-2016-0750
Type cve
Reporter cve@mitre.org
Modified 2019-10-09T23:16:00

Description

The hotrod java client in infinispan before 9.1.0.Final automatically deserializes bytearray message contents in certain events. A malicious user could exploit this flaw by injecting a specially-crafted serialized object to attain remote code execution or conduct other attacks.