Description
The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes they deserialize, which allows remote attackers to execute arbitrary code via crafted serialized Java data.
Remediation
References
http://www.openwall.com/lists/oss-security/2017/05/22/2
https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true