Showing 1 - 3 of 3

CVE-2015-5254

Status Candidate

Overview

Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object.

Related Files

HP Security Bulletin HPSBMU03692 1: Posted Feb 13, 2017; Authored by HP | Site hp.com; HP Security Bulletin HPSBMU03692 1 - Multiple potential security vulnerabilities have been identified in HPE Matrix Operating Environment (MOE) on Windows. The vulnerabilities could be exploited remotely resulting in the Bypass of Security Restrictions, cross-site request forgery (CSRF), cross-site scripting (XSS), Denial of Service (DoS), Disclosure of Information, and Execution of Arbitrary Code. Revision 1 of this advisory.; tags | advisory, denial of service, arbitrary, vulnerability, xss, csrf; systems | windows; advisories | CVE-2009-5028, CVE-2011-4345, CVE-2015-5127, CVE-2015-5129, CVE-2015-5130, CVE-2015-5131, CVE-2015-5132, CVE-2015-5133, CVE-2015-5134, CVE-2015-5254, CVE-2015-5539, CVE-2015-5540, CVE-2015-5541, CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5550, CVE-2015-5551, CVE-2015-5552, CVE-2015-5553, CVE-2015-5554, CVE-2015-5555, CVE-2015-5556, CVE-2015-5557, CVE-2015-5558; SHA-256 | d734e68989cbfbc4be512dafe6404e46d2e78c0f4363cea681f59bf053260a4d; Download | Favorite | View

Red Hat Security Advisory 2016-0489-01: Posted Mar 23, 2016; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2016-0489-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. The following security issue is addressed with this release: It was found that ActiveMQ did not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the ActiveMQ application.; tags | advisory, remote, arbitrary; systems | linux, redhat; advisories | CVE-2015-5254, CVE-2015-5317, CVE-2015-5318, CVE-2015-5319, CVE-2015-5320, CVE-2015-5321, CVE-2015-5322, CVE-2015-5323, CVE-2015-5324, CVE-2015-5325, CVE-2015-5326, CVE-2015-7537, CVE-2015-7538, CVE-2015-7539, CVE-2015-8103; SHA-256 | c167e3d8f6f600ab83c359b1f2e0d619cadb47f08e42a17fb9a8a88b9b2d5e66; Download | Favorite | View

Debian Security Advisory 3524-1: Posted Mar 21, 2016; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3524-1 - It was discovered that the ActiveMQ Java message broker performs unsafe deserialisation.; tags | advisory, java; systems | linux, debian; advisories | CVE-2015-5254; SHA-256 | 026b81c4d359d32407cfe76c07ba260baa12c3e323b769a5d33716a3084332f1; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 234 files
indoushka 93 files
Ubuntu 87 files
Gentoo 36 files
Jasper Nota 25 files
Debian 21 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Apple 9 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,099)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,756)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,521)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,747)
UNIX (9,436)
UnixWare (187)
Windows (6,674)
Other

CVE-2015-5254

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems