Package : bsh
Version : 2.0b4-12+deb6u1
CVE ID : CVE-2016-2510
A remote code execution vulnerability was found in BeanShell, an
embeddable Java source interpreter with object scripting language
features.
CVE-2016-2510:
An application that includes BeanShell on the classpath may be
vulnerable if another part of the application uses Java
serialization or XStream to deserialize data from an untrusted
source. A vulnerable application could be exploited for remote
code execution, including executing arbitrary shell commands.
For Debian 6 "Squeeze", these problems have been fixed in version
2.0b4-12+deb6u1.
We recommend that you upgrade your bsh packages.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 6 | all | bsh-doc | < 2.0b4-12+deb6u1 | bsh-doc_2.0b4-12+deb6u1_all.deb |
Debian | 6 | amd64 | bsh-gcj | < 2.0b4-12+deb6u1 | bsh-gcj_2.0b4-12+deb6u1_amd64.deb |
Debian | 6 | i386 | bsh-gcj | < 2.0b4-12+deb6u1 | bsh-gcj_2.0b4-12+deb6u1_i386.deb |
Debian | 6 | all | bsh | < 2.0b4-12+deb6u1 | bsh_2.0b4-12+deb6u1_all.deb |
Debian | 6 | all | bsh-src | < 2.0b4-12+deb6u1 | bsh-src_2.0b4-12+deb6u1_all.deb |