Published: 11/04/2017 Updated: 21/11/2024

The EjbObjectInputStream class in Apache TomEE prior to 1.7.4 and 7.x prior to 7.0.0-M3 allows remote malicious users to execute arbitrary code via a crafted serialized object.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache tomee
apache tomee 7.0.0

CWE-502 https://nvd.nist.gov https://www.first.org/epss http://packetstormsecurity.com/files/136256/Apache-TomEE-Patched.html http://tomee-openejb.979440.n4.nabble.com/Document-resolved-vulnerability-CVE-2015-8581-td4678073.html http://tomee.apache.org/security/tomee.html http://www.securityfocus.com/archive/1/537806/100/0/threaded http://www.securityfocus.com/bid/79204 http://www.zerodayinitiative.com/advisories/ZDI-15-638 http://packetstormsecurity.com/files/136256/Apache-TomEE-Patched.html http://tomee-openejb.979440.n4.nabble.com/Document-resolved-vulnerability-CVE-2015-8581-td4678073.html http://tomee.apache.org/security/tomee.html http://www.securityfocus.com/archive/1/537806/100/0/threaded http://www.securityfocus.com/bid/79204 http://www.zerodayinitiative.com/advisories/ZDI-15-638

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-0779

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect