SOFA-Hessian Arbitrary Command Execution Vulnerability
SOFA-Hessian is an open source binary serialization protocol . A security vulnerability exists in SOFA-Hessian 4.0.2 and earlier versions, which stems from the program failing to blacklist com.caucho.naming.Qname and com.sun.org.apache.xpath.internal.objects.Xstring. A remote attacker can exploit...