BeanShell CVE-2016-2510 Remote Code Execution Vulnerability

BeanShell is prone to remote code execution vulnerability.

Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application.

Information

Bugtraq ID: 84139
Class: Input Validation Error
CVE: CVE-2016-2510

Remote: Yes
Local: No
Published: Mar 01 2016 12:00AM
Updated: Apr 19 2017 05:05PM
Credit: Alvaro Muñoz and Christian Schneider.
Vulnerable: S.u.S.E. openSUSE 13.2
Redhat JBoss Fuse 6.2
Redhat JBoss Fuse 6.1.0
Redhat JBoss Fuse 6.0.0
Oracle Retail Customer Management and Segmentation Foundation 15.0
IBM Leads 9.1.1
IBM Leads 9.1
IBM Leads 9.0
IBM Leads 8.6
IBM Leads 8.5
IBM Kenexa LCMS Premier 10.0
IBM Kenexa LCMS Premier 9.5
IBM Kenexa LCMS Premier 9.4
IBM Kenexa LCMS Premier 9.3
IBM Kenexa LCMS Premier 9.2.1
IBM Kenexa LCMS Premier 9.2
IBM Kenexa LCMS Premier 9.1
IBM Kenexa LCMS Premier 9.0
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
beanshell beanshell 2.0

Not Vulnerable: IBM Kenexa LCMS Premier 10.1
beanshell beanshell 2.0b6

References:

• Avoid (de)serialization of XThis.Handler (Github)
  
• Beanshell Homepage (beanshell)
  
• Oracle Critical Patch Update Advisory - April 2017 (Oracle)
  
• swg21982167: Security Bulletin: Vulnerability in BeanShell affects IBM Leads (CV (IBM)
  
• swg21985108: Security Bulletin: A vulnerability in Open Source BeanShell has bee (IBM)
  

Source: www.securityfocus.com