12 matches found
EUVD-2017-14953
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-5878
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes for which it performs deserialization, which allows remote attackers to...
red5.aifoundation.com Cross Site Scripting vulnerability OBB-2525130
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
red5.fabulive.com Cross Site Scripting vulnerability
Security Researcher devl00p Helped patch 2581 vulnerabilities Received 10 Coordinated Disclosure badges Received 15 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting red5.fabulive.com website and its users. Following...
Red5 Media Server Code Execution Vulnerability
Red5 Media Server is an open source and free streaming media server. A security vulnerability exists in AMF unmarshallers in Red5 Media Server versions prior to 1.0.8, which stems from a program that does not restrict classes when performing deserialization. A remote attacker can exploit this...
Deserialization of untrusted data
The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes for which it performs deserialization, which allows remote attackers to execute arbitrary code via crafted serialized Java data...
CVE-2017-5878
The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes for which it performs deserialization, which allows remote attackers to execute arbitrary code via crafted serialized Java data...
UBUNTU-CVE-2017-5878
The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes for which it performs deserialization, which allows remote attackers to execute arbitrary code via crafted serialized Java data...
CVE-2017-5878
The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes for which it performs deserialization, which allows remote attackers to execute arbitrary code via crafted serialized Java data...
CVE-2017-5878
The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes for which it performs deserialization, which allows remote attackers to execute arbitrary code via crafted serialized Java data...
CVE-2017-5878
CVE-2017-5878 affects Red5 Media Server prior to 1.0.8, where AMF unmarshallers do not restrict classes during Java deserialization, enabling remote code execution via crafted serialized data. This vulnerability exists due to insecure deserialization in AMF handling. Affected software: Red5 Media...
Red5 Server Apache Commons Collections Insecure Deserialization
An insecure deserialization vulnerability has been reported in Red5 web server that is part of Apache OpenMeetings application. This vulnerability is due to the inclusion of the vulnerable version of Apache Commons Collections library in the classpath combined with insecure deserialization...