2 matches found
CVE-2017-5878
The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes for which it performs deserialization, which allows remote attackers to execute arbitrary code via crafted serialized Java data...
CVE-2017-5878
CVE-2017-5878 affects Red5 Media Server prior to 1.0.8, where AMF unmarshallers do not restrict classes during Java deserialization, enabling remote code execution via crafted serialized data. This vulnerability exists due to insecure deserialization in AMF handling. Affected software: Red5 Media...