6 matches found
EUVD-2016-7422
Malware in sbrugna...
ForgeRock OpenIDM and OpenICF RACF Connector Component Arbitrary Code Execution Vulnerability
ForgeRock OpenIDM and OpenICF are both products of ForgeRock, USA. The former is a set of enterprise identity management software, the latter is a set of frameworks used to build or help develop a variety of connectors.RACF Connector is one of the security management connection components. A...
CVE-2016-6500
Unspecified methods in the RACF Connector component before 1.1.1.0 in ForgeRock OpenIDM and OpenICF improperly call the SearchControls constructor with returnObjFlag set to true, which allows remote attackers to execute arbitrary code via a crafted serialized Java object, aka LDAP entry poisoning...
Code injection
Unspecified methods in the RACF Connector component before 1.1.1.0 in ForgeRock OpenIDM and OpenICF improperly call the SearchControls constructor with returnObjFlag set to true, which allows remote attackers to execute arbitrary code via a crafted serialized Java object, aka LDAP entry poisoning...
CVE-2016-6500
CVE-2016-6500 affects ForgeRock OpenIDM and OpenICF, specifically the RACF Connector component prior to version 1.1.1.0. The underlying issue is an improper call to the SearchControls constructor with returnObjFlag set to true, which enables an attacker to trigger arbitrary code execution by send...
CVE-2016-6500
Unspecified methods in the RACF Connector component before 1.1.1.0 in ForgeRock OpenIDM and OpenICF improperly call the SearchControls constructor with returnObjFlag set to true, which allows remote attackers to execute arbitrary code via a crafted serialized Java object, aka LDAP entry poisoning...