Description
The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes for which they perform deserialization, which allows remote attackers to execute arbitrary code via crafted serialized Java data. An AMF typed object carries the name of the Java class it should be decoded into; because the decoder instantiates whatever class that name refers to, a client that can reach the AMF endpoint can select any class on the server classpath, including gadget classes shipped by bundled libraries, rather than only the application's own data types.
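The following is an added illustration of the class-resolution step that the description refers to; it is not Red5 code and its class and method names (AmfTypedObjectResolver, resolveUnrestricted, resolveAllowlisted, ChatMessage) are hypothetical. It reads the class name out of a constructed AMF3 typed-object prefix (object marker, inline traits, UTF-8 class name) and then resolves it two ways: the unrestricted pattern the advisory describes, where the wire-supplied name is passed straight to Class.forName, and an allowlisted pattern, where the name is only a lookup key into a registry the application populates.

```java
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
import java.util.function.Supplier;

// Added example, not Red5 code: models where an AMF3 decoder turns a
// sender-supplied class name into a Java object. Names are hypothetical.
public class AmfTypedObjectResolver {

    private static final int OBJECT_MARKER = 0x0A; // AMF3 object-marker byte
    private static final int TRAITS_INLINE = 0x03; // U29O-traits bits 0-1: inline object, inline traits

    // Decode an AMF3 U29 variable-length integer (1 to 4 bytes).
    static int readU29(byte[] b, int pos) {
        int result = 0;
        for (int i = 0; i < 3; i++) {
            int v = b[pos + i] & 0xFF;
            result = (result << 7) | (v & 0x7F);
            if ((v & 0x80) == 0) return result;
        }
        return (result << 8) | (b[pos + 3] & 0xFF);
    }

    static int u29Length(byte[] b, int pos) {
        for (int i = 0; i < 3; i++) if ((b[pos + i] & 0x80) == 0) return i + 1;
        return 4;
    }

    // Read just enough of an AMF3 object to obtain the class name it names:
    // marker, U29O-traits, then the class name as a UTF-8-vr string
    // (U29 header = length << 1 | 1, followed by the bytes).
    static String readClassName(byte[] amf) {
        int pos = 0;
        if ((amf[pos++] & 0xFF) != OBJECT_MARKER)
            throw new IllegalArgumentException("not an AMF3 object");
        int traits = readU29(amf, pos);
        pos += u29Length(amf, pos);
        if ((traits & TRAITS_INLINE) != TRAITS_INLINE)
            throw new IllegalArgumentException("trait references not handled in this example");
        int nameHeader = readU29(amf, pos);
        pos += u29Length(amf, pos);
        if ((nameHeader & 1) == 0)
            throw new IllegalArgumentException("string references not handled in this example");
        return new String(amf, pos, nameHeader >>> 1, StandardCharsets.UTF_8);
    }

    // Vulnerable pattern: the name from the wire decides which class is loaded
    // and instantiated, so every class on the classpath is reachable.
    static Object resolveUnrestricted(String className) throws Exception {
        return Class.forName(className).getDeclaredConstructor().newInstance();
    }

    // Hardened pattern: the wire name is only a key into an application-owned
    // registry; anything not registered is rejected before any class is loaded.
    private final Map<String, Supplier<Object>> registry = new HashMap<>();

    void register(String alias, Supplier<Object> factory) {
        registry.put(alias, factory);
    }

    Object resolveAllowlisted(String alias) {
        Supplier<Object> factory = registry.get(alias);
        if (factory == null)
            throw new SecurityException("AMF typed object names an unregistered class: " + alias);
        return factory.get();
    }

    // A data type the application actually intends to receive (hypothetical).
    public static final class ChatMessage {
        public String user;
        public String text;
    }

    // Constructed test input: a typed-object prefix naming the given class.
    // Assumes the name is shorter than 64 bytes so its U29 header is one byte.
    static byte[] typedObject(String className) {
        byte[] name = className.getBytes(StandardCharsets.UTF_8);
        byte[] out = new byte[3 + name.length];
        out[0] = (byte) OBJECT_MARKER;
        out[1] = 0x0B;                            // dynamic object, inline traits, 0 sealed members
        out[2] = (byte) ((name.length << 1) | 1); // inline UTF-8-vr string header
        System.arraycopy(name, 0, out, 3, name.length);
        return out;
    }

    public static void main(String[] args) throws Exception {
        AmfTypedObjectResolver resolver = new AmfTypedObjectResolver();
        resolver.register("ChatMessage", ChatMessage::new);

        byte[] benign = typedObject("ChatMessage");
        byte[] hostile = typedObject("java.util.HashMap"); // any classpath class, chosen by the sender

        System.out.println(resolveUnrestricted(readClassName(hostile)).getClass().getName());
        System.out.println(resolver.resolveAllowlisted(readClassName(benign)).getClass().getSimpleName());
        try {
            resolver.resolveAllowlisted(readClassName(hostile));
        } catch (SecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The registry approach is stricter than a denylist of known gadget classes: a denylist has to be updated every time a new gadget chain is published, whereas an allowlist only ever admits the types the application registered. Where the decoder is a library you cannot change, the same check can be applied at the point where it maps the AMF class alias to a Java class, before any constructor or setter runs.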
Remediation
Upgrade to Red5 Media Server 1.0.8 or later.
References
http://www.openwall.com/lists/oss-security/2017/05/22/2
https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true
Related Vulnerabilities
CVE-2022-45693 Vulnerability in maven package org.codehaus.jettison:jettison
CVE-2015-6748 Vulnerability in maven package org.jsoup:jsoup
CVE-2023-37945 Vulnerability in maven package io.jenkins.plugins:miniorange-saml-sp
CVE-2023-2798 Vulnerability in maven package org.htmlunit:htmlunit
CVE-2022-40955 Vulnerability in maven package org.apache.inlong:sort-connector-mysql-cdc