Oracle WebLogic Server UnicastRef Insecure Deserialization (CVE-2017-3248)
An insecure deserialization vulnerability has been reported in Oracle WebLogic Server. This vulnerability is due to deseralization of untrusted data while having the UnicastRef class in the code path. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted...