oss-sec mailing list archives
[CVE-2016-8736] Apache Openmeetings RMI Registry Java Deserialization RCE
From: Maxim Solodovnik <solomax () apache org>
Date: Tue, 8 Nov 2016 08:49:09 +0700
Severity: Moderate Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings 3.1.0 Description: Apache Openmeetings is vulnerable to Remote Code Execution via RMI deserialization attack The issue was fixed in 3.1.2 All users are recommended to upgrade to Apache OpenMeetings 3.1.3 Credit: This issue was identified by Jacob Baines, Tenable Network Security Apache OpenMeetings Team
Current thread:
- [CVE-2016-8736] Apache Openmeetings RMI Registry Java Deserialization RCE Maxim Solodovnik (Nov 07)