20 matches found
EUVD-2013-2402
Malware in sbrugna...
Fedora: Security Advisory for python-javaobj (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 40 Update: python-javaobj-0.4.3-12.fc40
python-javaobj is a python library that provides functions for reading and writing writing is WIP currently Java objects serialized or will be deserialized by ObjectOutputStream. This form of object representation is a standard data interchange format in Java world...
Deserialization Of Untrusted Data
Apache IoTDB is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to directly deserializing the key/values from the deviceOwnerFile within the deSerializeDeviceOwnerMap method. Each key/value from the owner file is parsed directly using the ObjectOutputStream class, withou...
Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (July 2017 CPU)
According to its self-reported version number, the Oracle Primavera P6 Enterprise Project Portfolio Management EPPM installation running on the remote web server is 8.3.x prior to 8.3.15.4, 8.4.x prior to 8.4.15.2, 15.x prior to 15.2.15.1, or 16.x prior to 16.2.9.0. It is, therefore, affected by...
Java deserialization vulnerability technical analysis-vulnerability warning-the black bar safety net
1 Java deserialization vulnerability background description Simply speaking serialization is the object state to be maintained or the transmission format of the processbytestream in. With the sequence of the opposite is deserialized, it will streambytestreamis converted to an object. These two...
OpenJDK: ObjectOutputStream access checks (Serialization, 8008132)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the...
OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987)
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different...
OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987)
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different...
OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987)
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different...
OpenJDK: ObjectOutputStream access checks (Serialization, 8008132)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the...
OpenJDK: ObjectOutputStream access checks (Serialization, 8008132)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the...
OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987)
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different...
Oracle Java ObjectOutputStream Sandbox Bypass Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of...
OpenJDK: ObjectOutputStream access checks (Serialization, 8008132)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the...
OpenJDK: ObjectOutputStream access checks (Serialization, 8008132)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the...
OpenJDK: ObjectOutputStream access checks (Serialization, 8008132)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the...
OpenJDK: ObjectOutputStream access checks (Serialization, 8008132)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the...
OpenJDK: ObjectOutputStream access checks (Serialization, 8008132)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the...
Improper access control
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the...