An insecure deserialization vulnerability exists in the Flex integration service of Adobe ColdFusion. The vulnerability is due to the lack of input validation on objects in the RMI Registry before deserializing them. A remote, unauthenticated attacker can exploit this vulnerability by sending maliciously crafted serialized data to the target application.
from Check Point Update Services Advisories http://ift.tt/2nc0hEL
Subscribe to:
Post Comments (Atom)
Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading
Cybersecurity researchers have uncovered a new phishing campaign that exploits social media private messages to propagate malicious payloads...
-
Original release date: November 08, 2018 Summary JBoss Verify and EXploitation tool (JexBoss) is an open-source tool used by cybersecurity...
-
Original release date: May 21, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded b...
-
Original release date: January 29, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been record...
-
It's no secret that learning how to code is one of the most important things you can do when it comes to the beginning or furthering pra...
-
Original release date: February 12, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recor...
-
Original release date: February 26, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recor...
-
Os estragos causados pelo ataque com ransomware ao Superior Tribunal de Justiça (STJ) ainda não são totalmente conhecidos. A Polícia Federa...
-
Original release date: March 9, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD . In som...
-
Original release date: January 08, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been record...
-
A four-year-old severe vulnerability has been discovered in the Secure Shell (SSH) implementation library known as Libssh that could allow a...
No comments:
Post a Comment