CVE-2016-4974: Input Validation
First published: Wed Jul 13 2016(Updated: )
Apache Qpid AMQP 0-x JMS client before 6.0.4 and JMS (AMQP 1.0) before 0.10.0 does not restrict the use of classes available on the classpath, which might allow remote authenticated users with permission to send messages to deserialize arbitrary objects and execute arbitrary code by leveraging a crafted serialized object in a JMS ObjectMessage that is handled by the getObject function.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apache Amqp 0-x Jms Client | <=6.0.3 | |
| Apache Jms Client Amqp | <=0.9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/137749/Apache-Qpid-Untrusted-Input-Deserialization.html
- http://qpid.apache.org/components/jms/security-0-x.html
- http://qpid.apache.org/components/jms/security.html
- http://www.securityfocus.com/archive/1/538813/100/0/threaded
- http://www.securityfocus.com/bid/91537
- http://www.securitytracker.com/id/1036239
- https://issues.apache.org/jira/browse/QPIDJMS-188
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/last-modified-date
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/apache
- canonical/apache amqp 0-x jms client
- version/apache amqp 0-x jms client/6.0.3
- canonical/apache jms client amqp
- version/apache jms client amqp/0.9.0