4 matches found
CVE-2017-3201
The Java implementation of AMF3 deserializers used in Flamingo amf-serializer by Exadel, version 2.2.0 derives class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an...
Exadel Flamingo XML External Entity Injection Vulnerability
Exadel Flamingo is a set of tools for bootstrapping RIA applications built with a Java backend. An XML external entity injection vulnerability exists in Exadel Flamingo version 2.2.0. An attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service...
Exadel Flamingo Remote Code Execution Vulnerability
Exadel Flamingo is a set of tools for bootstrapping RIA applications built with a Java backend. A remote code execution vulnerability exists in Exadel Flamingo version 2.2.0. A remote attacker could exploit this vulnerability to execute arbitrary code in the context of an affected application...
Exadel Flamingo Remote Code Execution Vulnerability (CNVD-2017-10732)
Exadel Flamingo is a set of tools for bootstrapping RIA applications built with a Java backend. A remote code execution vulnerability exists in Exadel Flamingo version 2.2.0. A remote attacker could exploit this vulnerability to execute arbitrary code in the context of an affected application...