
Deserialization of Untrusted Data via Externalizable.readExternal

Details

• Flags: Important

Description

The AMF deserialization implementation of Flex BlazeDS is vulnerable to Deserialization of Untrusted Data via Externalizable.readExternal(ObjectInput).

By sending a specially crafted AMF message, it is possible to make the server establish a connection to an endpoint specified in the message and request an RMI remote object from that endpoint. This can result in the execution of arbitrary code on the server via Java deserialization.


People

• Assignee: cdutz Christofer Dutz
• Reporter: markus.wulftange@code-white.com Markus Wulftange
