Pivotal Spring Flex CVE-2017-3203 Remote Code Execution Vulnerability

Pivotal Spring Flex is prone to remote code-execution vulnerability.

Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions.

Information

Bugtraq ID: 97376
Class: Input Validation Error
CVE: CVE-2017-3203

Remote: Yes
Local: No
Published: Apr 04 2017 12:00AM
Credit: Markus Wulftange
Vulnerable: Pivotal spring-flex 0

Not Vulnerable:

References:

• Pivotal Homepage (Pivotal)
  
• VU#307983: AMF3 Java implementations are vulnerable to insecure deserialization (CERT)
  

Source: www.securityfocus.com