Description

The getObject method of the javax.jms.ObjectMessage class in the (1) JMS Core client, (2) Artemis broker, and (3) Artemis REST component in Apache ActiveMQ Artemis before 1.4.0 might allow remote authenticated users with permission to send messages to the Artemis broker to deserialize arbitrary objects and execute arbitrary code by leveraging gadget classes being present on the Artemis classpath.

Remediation

References

CVE-2016-4978

Related Vulnerabilities

PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2011-0441)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32669)

Moodle Improper Access Control Vulnerability (CVE-2016-2159)

WordPress Plugin WordPress Popular Posts Multiple Vulnerabilities (5.3.2)

WordPress Plugin AdRotate-Ad manager & AdSense Ads SQL Injection (3.9.4)

Severity

High

Classification

CVE-2016-4978 CWE-502 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities