4 matches found
Adobe ColdFusion DataServicesCFProxy Commons BeanUtils Insecure Deserialization (CVE-2018-15959)
An insecure deserialization vulnerability exists in the Flex integration service of Adobe ColdFusion. The vulnerability is due to the lack of input validation. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe ColdFusion DataServicesCFProxy Insecure Deserialization (CVE-2018-4939)
An insecure deserialization vulnerability exists in the Flex integration service of Adobe ColdFusion. The vulnerability is due to the lack of input validation. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe ColdFusion DataServicesCFProxy Insecure Deserialization (CVE-2017-11283)
An insecure deserialization vulnerability exists in the Flex integration service of Adobe ColdFusion. The vulnerability is due to the lack of input validation by the DataServicesCFProxy. A successful attack could lead to a remote code execution...
Adobe ColdFusion RMI Registry Insecure Deserialization (CVE-2017-11284)
An insecure deserialization vulnerability exists in the Flex integration service of Adobe ColdFusion. The vulnerability is due to the lack of input validation on objects in the RMI Registry before deserializing them. A remote, unauthenticated attacker can exploit this vulnerability by sending...