Apache Flex BlazeDS CVE-2017-5641 Remote Code Execution Vulnerability



Apache Flex BlazeDS is prone to remote code-execution vulnerability.

Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions.

Apache Flex BlazeDS versions 4.6.0.23207 and 4.7.2 are vulnerable.

Information

Bugtraq ID: 97383
Class: Input Validation Error
CVE: CVE-2017-5641

Remote: Yes
Local: No
Published: Apr 04 2017 12:00AM
Credit: Markus Wulftange
Vulnerable: Apache Flex BlazeDS 4.7.2
Apache Flex BlazeDS 4.6.0.23207


Not Vulnerable: Apache Flex BlazeDS 4.7.3



Related Posts

Comments