CVE-2016-1487
First published: Mon Mar 09 2020(Updated: )
Lexmark Markvision Enterprise before 2.3.0 misuses the Apache Commons Collections Library, leading to remote code execution because of Java deserialization.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Lexmark Markvision Enterprise | <2.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2016-1487?
CVE-2016-1487 is a vulnerability in Lexmark Markvision Enterprise before 2.3.0 that leads to remote code execution due to misuse of the Apache Commons Collections Library and Java deserialization.
What software is affected by CVE-2016-1487?
Lexmark Markvision Enterprise versions up to 2.3.0 are affected by CVE-2016-1487.
What is the severity of CVE-2016-1487?
CVE-2016-1487 has a severity rating of 8.8 (high).
How does CVE-2016-1487 lead to remote code execution?
CVE-2016-1487 leads to remote code execution due to the misuse of the Apache Commons Collections Library and Java deserialization.
How can I fix CVE-2016-1487?
To fix CVE-2016-1487, update Lexmark Markvision Enterprise to version 2.3.0 or higher.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/lexmark
- canonical/lexmark markvision enterprise