Versions of Bamboo 5.9.x prior to 5.9.7 contain an unspecified flaw related to Java deserialization that may allow a remote attacker to execute arbitrary code. No further details have been provided by the vendor.
Binary data 9667.prm
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6576
jira.atlassian.com/browse/BAM-16439