BeanShell (bsh) prior to 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote malicious users to execute arbitrary code via crafted serialized data, related to XThis.Handler.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
beanshell beanshell 1.0 |
||
beanshell beanshell 2.0 |
||
debian debian linux 7.0 |
||
debian debian linux 8.0 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 15.10 |