Showing 1 - 1 of 1

CVE-2016-9498

Status Candidate

Overview

ManageEngine Applications Manager 12 and 13 before build 13200, allows unserialization of unsafe Java objects. The vulnerability can be exploited by remote user without authentication and it allows to execute remote code compromising the application as well as the operating system. As Application Manager's RMI registry is running with privileges of system administrator, by exploiting this vulnerability an attacker gains highest privileges on the underlying operating system.

Related Files

ManageEngine Applications Manager 12 / 13 XSS / SQL Injection / Code Execution: Posted Apr 4, 2017; Authored by Lukasz Juszczyk; ManageEngine Applications Manager versions 12 and 13 suffers from code execution, cross site scripting, XXE injection, and remote SQL injection vulnerabilities.; tags | advisory, remote, vulnerability, code execution, xss, sql injection, xxe; advisories | CVE-2016-9488, CVE-2016-9489, CVE-2016-9490, CVE-2016-9491, CVE-2016-9498; SHA-256 | e1e13048508f4633fd462aa20cb03dbf93dfb087461802ac1eb799e30684ba4e; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 172 files
Ubuntu 47 files
Debian 22 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
tmrswrr 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

CVE-2016-9498

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems