Remote Code Execution (RCE)

system.data.common is vulnerable to remote code execution RCE. The vulnerability exists as it allows unrestricted polymorphic deserialization in DataSet without proper validation...

Oracle WebCenter Portal Multiple Vulnerabilities (Jul 2020 CPU)

Binary data oraclewebcenterportalcpujul2020.nbin...

Remote Code Execution

jackson-databind is vulnerable to remote code execution. It was possible to use the org.jsecurity gadget type as a serialization gadget through polymorphic typing and execute arbitrary code on the system...

Linux/x86 /etc/hosts Mapping Add Polymorphic Shellcode

102 bytes small Linux/x86 add map in /etc/hosts file polymorphic shellcode. Title: Linux/x86 - Add map in /etc/hosts file polymorphic shellcode 102 bytes Author: Xenofon Vassilakopoulos Date: 2020-06-15 Tested on: Linux kali 5.3.0-kali2-686-pae 1 SMP Debian 5.3.9-3kali1 2019-11-20 i686 GNU/Linux...

GHSA-F3J5-RMMP-3FC5 Improper Input Validation in jackson-databind

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10 and 2.8.11.5. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup...

Improper Input Validation in jackson-databind

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10 and 2.8.11.5. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup...

jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery SSRF attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization...

jackson-databind: exfiltration/XXE in some JDK classes

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the slf4j, flex messaging, sun DRSHelper and JAX-WS gadgets when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when...

jackson-databind: improper polymorphic deserialization in jboss-common-core class

A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the jboss-common-core class. An attacker could use this flaw to execute arbitrary code...

jackson-databind: arbitrary code execution in slf4j-ext class

A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code...

jackson-databind: improper polymorphic deserialization in axis2-transport-jms class

A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the axis2-transport-jms class. An attacker could use this flaw to execute arbitrary code...

jackson-databind: improper polymorphic deserialization in openjpa class

A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the OpenJPA class. An attacker could use this flaw to execute arbitrary code...

jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the c3p0 gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS ...

Remote Code Execution

jackson-databind is vulnerable to remote code execution. It was possible to use the apache-drill gadget type as a serialization gadget through polymorphic typing and execute arbitrary code on the system...

Remote Code Execution (RCE)

jackson-databind is vulnerable to deserialization of untrusted data that can lead to remote code execution. It is possible because the untrusted class com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool was not filtered by default from the interaction between serialization gadgets and...

Linux/x86 /etc/hosts Mapping Add Polymorphic Shellcode (102 bytes)

Title: Linux/x86 - Add map in /etc/hosts file polymorphic shellcode 102 bytes Author: Xenofon Vassilakopoulos Tested on: Linux kali 5.3.0-kali2-686-pae 1 SMP Debian 5.3.9-3kali1 2019-11-20 i686 GNU/Linux Architecture: i686 GNU/Linux Shellcode Length: 102 bytes Original shellcode:...

Linux/x86 ASLR Deactivation Polymorphic - Shellcode

124 bytes small ASLR deactivation polymorphic shellcode. Title: Linux/x86 - ASLR deactivation polymorphic shellcode 124 bytes Author: Xenofon Vassilakopoulos Date: 2020-06-11 Tested on: Linux 3.13.0-32-generic 57precise1-Ubuntu i686 i386 GNU/Linux Architecture: i686 GNU/Linux Shellcode Length: 12...

Linux/x86 ASLR Deactivation Polymorphic Shellcode (124 bytes)

Title: Linux/x86 - ASLR deactivation polymorphic shellcode 124 bytes Author: Xenofon Vassilakopoulos Date: 2020-06-11 Tested on: Linux 3.13.0-32-generic 57precise1-Ubuntu i686 i386 GNU/Linux Architecture: i686 GNU/Linux Shellcode Length: 124 bytes Original shellcode:...

Linux/x86 Tiny Read Polymorphic Shellcode (75 bytes)

Title: Linux/x86 - Tiny Read Polymorphic Shellcode 75 bytes Author: Xenofon Vassilakopoulos Tested on: Linux 3.13.0-32-generic 57precise1-Ubuntu i686 i386 GNU/Linux Blog: https://xenovass.wordpress.com/2019/06/26/slae-assignment-6-create-polymorphic-shellcode/ Architecture: i686 GNU/Linux Shellco...

jackson-databind: Serialization gadgets in classes of the commons-configuration package

A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code...