93 matches found
CVE-2016-2510
BeanShell bsh before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler...
Xxe
BeanShell bsh before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler...
CVE-2016-2510
CVE-2016-2510 is a BeanShell deserialization vulnerability: when BeanShell is on the classpath with Java serialization or XStream, crafted serialized data can lead to remote code execution via XThis.Handler. Public docs confirm impact across IBM Emptoris/Contract Management/Program Management suite...
CVE-2016-2510
BeanShell bsh before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler...
CVE-2016-2510
BeanShell bsh before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler...
bsh2: remote code execution via deserialization
A deserialization flaw allowing remote code execution was found in the BeanShell library. If BeanShell was on the classpath, it could permit code execution if another part of the application deserialized objects involving a specially constructed chain of classes. A remote attacker could use this...
Important: Red Hat Security Advisory: Red Hat JBoss BRMS 6.2.2 update
An update is now available for Red Hat JBoss BRMS. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
bsh2: remote code execution via deserialization
A deserialization flaw allowing remote code execution was found in the BeanShell library. If BeanShell was on the classpath, it could permit code execution if another part of the application deserialized objects involving a specially constructed chain of classes. A remote attacker could use this...
Important: Red Hat Security Advisory: Red Hat JBoss BPM Suite 6.2.2 update
An update is now available for Red Hat JBoss BPM Suite. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...
openSUSE: Security Advisory for bsh2 (openSUSE-SU-2016:0788-1)
The remote host is missing an update for the...
Ubuntu 14.04 LTS : BeanShell vulnerability (USN-2923-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2923-1 advisory. Alvaro Muñoz and Christian Schneider discovered that BeanShell incorrectly handled deserialization. A remote attacker could possibly use this issue to execute...
USN-2923-1 bsh vulnerability
Alvaro Muñoz and Christian Schneider discovered that BeanShell incorrectly handled deserialization. A remote attacker could possibly use this issue to execute arbitrary code...
USN-2923-1: BeanShell vulnerability
Alvaro Muñoz and Christian Schneider discovered that BeanShell incorrectly handled deserialization. A remote attacker could possibly use this issue to execute arbitrary code...
BeanShell Arbitrary Command Execution Vulnerability
BeanShell is an open source, free Java source code interpreter. A security vulnerability exists in BeanShell. An attacker can exploit this vulnerability to execute arbitrary commands...
[SECURITY] [DSA 3504-1] bsh security update
Debian Security Advisory DSA-3504-1 [email protected] https://www.debian.org/security/ Sebastien Delafond March 04, 2016 https://www.debian.org/security/faq...
[SECURITY] [DSA 3504-1] bsh security update
Debian Security Advisory DSA-3504-1 [email protected] https://www.debian.org/security/ Sebastien Delafond March 04, 2016 https://www.debian.org/security/faq...
DSA-3504-1 bsh - security update
Bulletin has no description...
Debian DLA-443-1 : bsh security update
A remote code execution vulnerability was found in BeanShell, an embeddable Java source interpreter with object scripting language features. CVE-2016-2510: An application that includes BeanShell on the classpath may be vulnerable if another part of the application uses Java serialization or XStre...
DLA-443-1 bsh - security update
Bulletin has no description...
FreeBSD : bsh -- remote code execution vulnerability (9e5bbffc-d8ac-11e5-b2bd-002590263bf5)
Stian Soiland-Reyes reports: This release fixes a remote code execution vulnerability that was identified in BeanShell by Alvaro Munoz and Christian Schneider. The BeanShell team would like to thank them for their help and contributions to this fix! An application that includes BeanShell on the...