Security Bulletin: Vulnerabilities in Apache Commons Collections and Apache Groovy affects IBM UrbanCode Build (CVE-2015-7450, CVE-2015-3253)

Summary Apache Commons Collections and Apache Groovy vulnerabilities for handling Java object deserialization were addressed by IBM UrbanCode Build Vulnerability Details CVE-ID: CVE-2015-7450 Description: Apache Commons Collections could allow a remote attacker to execute arbitrary code on the...

Security Bulletin: Vulnerability in Apache Commons affects IBM Tivoli Composite Application Manager Agent for WebSphere Applications (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Tivoli Composite Application Manager Agent for WebSphere Applications. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker...

Security Bulletin: Vulnerability in Apache Commons affects Tivoli Network Manager Transmission Edition (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by Tivoli Network Manager Transmission Edition. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on...

Security Bulletin: Vulnerability in Apache Commons affects Watson Explorer and Watson Content Analytics (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by Watson Explorer and Watson Content Analytics. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on...

Security Bulletin: Vulnerability in Apache Commons affects IBM Content Navigator (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Content Navigator. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system, caused by...

Security Bulletin:Vulnerability in Apache Commons affects IBM Content Collector (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Content Collector. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system, caused by...

Security Bulletin: Vulnerability in Apache Commons (CVE-2015-7450), affects FileNet Content Manager and IBM Content Foundation

Summary An Apache Commons Collections vulnerability for handling Java object deserialization is addressed in the FileNet Content Manager and IBM Content Foundation products. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute...

Security Bulletin: Vulnerability in Apache Commons affects Rational DOORS Web Access (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by the Apache Software Foundation. Vulnerability Details IBM Rational DOORS Web Access is affected by the following vulnerability: CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collection...

Security Bulletin: Vulnerability in BeanShell affects IBM Emptoris Strategic Supply Management. (CVE-2016-2510).

Summary A BeanShell vulnerability for handling Java object deserialization was addressed by IBM Emptoris Strategic Supply Management Platform, IBM Contract Management and IBM Program Management products. Vulnerability Details CVEID: CVE-2016-2510 DESCRIPTION: BeanShell could allow a remote attack...

Security Bulletin: Vulnerability in Apache Commons Collections affects IBM Forms Server (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Forms Server. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system, caused by the...

Security Bulletin: Multiple vulnerabilities in bundled components affects IBM SPSS Analytic Server (CVE-2015-7450).

Summary An Apache Commons Collections vulnerability in handling Java object deserialization was addressed by IBM SPSS Analytic Server. An updated IBM WebSphere Liberty run time is shipped to address a security vulnerability in IBM SPSS Analytic Server. Vulnerability Details CVEID: CVE-2015-7450...

Security Bulletin: Vulnerability in Apache Commons affects IBM InfoSphere Information Server (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM InfoSphere Information Server. Information about this security vulnerability has been published in a WebSphere Application Server security bulletin. Vulnerability Details CVEID:...

Security Bulletin: Vulnerability in Apache Commons affects IBM Cognos Controller (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Cognos Controller. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system, caused by...

Security Bulletin: Vulnerability in Apache Commons affects IBM Algo Credit Administrator (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Algo Credit Administrator Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system,...

Security Bulletin: Vulnerability in Apache Commons might affect WebSphere Industry Content Packs and IBM Business Process Manager Industry Packs (CVE-2015-7450)

Summary A vulnerability for handling Java object deserialization in the Apache Commons Collections open source library has been reported. A vulnerable version of the library is included in templates shipped with WebSphere Industry Content Packs and IBM Business Process Manager Industry Packs...

Security Bulletin: Vulnerability in Apache Commons affects IBM WebSphere Appliance Management Center (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM WebSphere Appliance Management Center. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on th...

Vigor ACS Unsafe Flex AMF Java Object Deserialization(CVE-2017-5641)

Vulnerability Summary A vulnerability in Vigor ACS allows unauthenticated users to cause the product to execute arbitrary code. VigorACS 2 “is a powerful centralized management software for Vigor Routers and VigorAPs, it is an integrated solution for configuring, monitoring, and maintenance of...

U.S. Dept Of Defense: Remote Code Execution (RCE) in a DoD website

SUMMARY: ==================== This report describes a vulnerability similar to that described in my other reports 329376, 329397, 329399 The DoD https://████/psc/EXPROD/ Web System uses the Oracle PeopleSoft platform which is vulnerable to Remote Code Execution RCE and Denial of Service Attacks D...

U.S. Dept Of Defense: Remote Code Execution (RCE) in a DoD website

SUMMARY: ==================== The DoD https://███/psc/EXPROD/ Web System uses the Oracle PeopleSoft platform which is vulnerable to Remote Code Execution RCE and Denial of Service Attacks DoS over a Java Object Deserialization CWE-502 in the “monitor” service. Thus an attacker can generate and se...

U.S. Dept Of Defense: Remote Code Execution (RCE) in a DoD website

SUMMARY: ==================== The DoD https://██████/psc/EXPROD1/ Web System uses the Oracle PeopleSoft platform which is vulnerable to Remote Code Execution RCE and Denial of Service Attacks DoS over a Java Object Deserialization CWE-502 in the “monitor” service. Thus an attacker can generate an...