3 matches found
Security Bulletin: IBM Security Verify Governance is vulnerable to remote attacks to execute arbitrary code on the system [CVE-2013-4521, CVE-2013-2165 and CVE-2018-14667]
Summary IBM Security Verify Governance is vulnerable to remote attacks to execute arbitrary code on the system CVE-2013-4521. IBM Security Verify Governance is vulnerable to remote attacks caused by an error related to the handling of deserialization CVE-2013-2165. IBM Security Verify Governance ...
CVE-2013-4521
RichFaces implementation in Nuxeo Platform 5.6.0 before HF27 and 5.8.0 before HF-01 does not restrict the classes for which deserialization methods can be called, which allows remote attackers to execute arbitrary code via crafted serialized data. NOTE: this vulnerability may overlap CVE-2013-216...
CVE-2013-4521
CVE-2013-4521 affects the RichFaces deserialization path in Nuxeo Platform (versions 5.6.0 before HF27 and 5.8.0 before HF-01). The vulnerability arises because the implementation does not restrict which classes’ deserialization methods can be called, enabling a remote attacker to execute arbitra...