Vulnerabilities

CVE-2015-5254

by Fred · 08/01/2016

Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object.

Date published : 2016-01-08

http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt

http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

Similar

Tags: Cybersecurity Alert