Markus Wulftange created FLEX-35290:
---------------------------------------
Summary: Deserialization of Untrusted Data via Externalizable.readExternal
Key: FLEX-35290
URL: https://issues.apache.org/jira/browse/FLEX-35290
Project: Apache Flex
Issue Type: Bug
Components: BlazeDS
Affects Versions: BlazeDS 4.7.2
Reporter: Markus Wulftange
Priority: Critical
The AMF deserialization implementation of Flex BlazeDS is vulnerable to
Deserialization of Untrusted Data via
{{Externalizable.readExternal(ObjectInput)}}.
By sending a specially crafted AMF message, it is possible to make the server
establish a connection to an endpoint specified in the message and request an
RMI remote object from that endpoint. This can result in the execution of
arbitrary code on the server via Java deserialization.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
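The report above describes a deserializer that lets the incoming message choose which class's {{readExternal}} runs, and that is the defect a defender needs to close at the class-resolution step. The following Java program is an added illustration, not BlazeDS code and not the reporter's proof of concept: it uses plain Java serialization as a stand-in for the AMF flow, the classes {{Point}} and {{SideEffectOnRead}} are hypothetical, and the only "side effect" is a boolean flag. It shows that without a class allowlist the sender's class choice decides which {{readExternal}} executes, and that an allowlist applied in {{resolveClass}} rejects an unexpected class before any instance of it exists.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.Externalizable;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.ObjectInput;
import java.io.ObjectInputStream;
import java.io.ObjectOutput;
import java.io.ObjectOutputStream;
import java.io.ObjectStreamClass;
import java.util.Set;

/**
 * Added illustration (not BlazeDS code): why an untrusted message must not be allowed
 * to pick the class whose readExternal() runs, and the allowlist check a deserializer
 * should apply before instantiating that class.
 */
public class ExternalizableAllowlistDemo {

    /** Benign Externalizable type the application legitimately expects (hypothetical). */
    public static final class Point implements Externalizable {
        public int x, y;
        public Point() {}                       // public no-arg constructor required by Externalizable
        public Point(int x, int y) { this.x = x; this.y = y; }
        @Override public void writeExternal(ObjectOutput out) throws IOException {
            out.writeInt(x); out.writeInt(y);
        }
        @Override public void readExternal(ObjectInput in) throws IOException {
            x = in.readInt(); y = in.readInt();
        }
    }

    /**
     * Hypothetical stand-in for a type whose readExternal() acts on sender-controlled
     * data (the pattern the report describes: contacting an endpoint named in the
     * payload). Here it only records that it ran; no connection is attempted.
     */
    public static final class SideEffectOnRead implements Externalizable {
        public static boolean invoked = false;
        public SideEffectOnRead() {}
        @Override public void writeExternal(ObjectOutput out) throws IOException {
            out.writeUTF("endpoint-chosen-by-sender");   // constructed sample value
        }
        @Override public void readExternal(ObjectInput in) throws IOException {
            String endpoint = in.readUTF();   // sender-controlled value
            invoked = true;                   // a real class would act on `endpoint` here
        }
    }

    /** Hardened setting: only classes the application explicitly lists may be instantiated. */
    static final Set<String> ALLOWED = Set.of(Point.class.getName());

    /**
     * Deserializer mimicking the AMF flow: the bytes name a class, the stream resolves it,
     * instantiates it and calls readExternal(). The allowlist check lives in resolveClass,
     * which ObjectInputStream invokes before it creates the instance.
     */
    static Object deserialize(byte[] data, boolean enforceAllowlist)
            throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data)) {
            @Override
            protected Class<?> resolveClass(ObjectStreamClass desc)
                    throws IOException, ClassNotFoundException {
                if (enforceAllowlist && !ALLOWED.contains(desc.getName())) {
                    throw new InvalidClassException(desc.getName(),
                            "class not on deserialization allowlist");
                }
                return super.resolveClass(desc);
            }
        }) {
            return in.readObject();
        }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) { out.writeObject(o); }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        byte[] expected = serialize(new Point(1, 2));
        byte[] untrusted = serialize(new SideEffectOnRead());   // constructed "untrusted" payload

        // Unfiltered (the weak setting): the sender's class choice decides what runs during readObject()
        deserialize(untrusted, false);
        System.out.println("unfiltered: readExternal side effect ran = " + SideEffectOnRead.invoked);

        // Filtered: the expected type still round-trips ...
        Point p = (Point) deserialize(expected, true);
        System.out.println("filtered: Point(" + p.x + "," + p.y + ") deserialized");

        // ... and the unexpected type is rejected before it is instantiated
        SideEffectOnRead.invoked = false;
        try {
            deserialize(untrusted, true);
        } catch (InvalidClassException e) {
            System.out.println("filtered: rejected " + e.classname
                    + " (side effect ran = " + SideEffectOnRead.invoked + ")");
        }
    }
}
```

Overriding {{resolveClass}} is the portable way to express the check; on Java 9 and later the same policy can be attached with {{ObjectInputFilter}} instead. Either way the property that matters is the one shown in the last step: the rejection happens on the class name, before a constructor or {{readExternal}} of the unlisted class is ever reached. A real AMF deserializer needs the equivalent check at the point where it maps the type name in the message to a Java class.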