Description
The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes for which they perform deserialization, which allows remote attackers to execute arbitrary code via crafted serialized Java data.
Remediation
References
http://www.openwall.com/lists/oss-security/2017/05/22/2
https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true