Debian Security Update DSA-4619 libxmlrpc3-java - security update

Thread starter LinuxBot
Start date Feb 7, 2020

LinuxBot

Member

Feb 7, 2020

Guillaume Teissier reported that the XMLRPC client in libxmlrpc3-java, an XML-RPC implementation in Java, does perform deserialization of the server-side exception serialized in the faultCause attribute of XMLRPC error response messages. A malicious XMLRPC server can take advantage of this flaw to execute arbitrary code with the privileges of an application using the Apache XMLRPC client library.

Continue reading...

You must log in or register to reply here.

Facebook X (Twitter) Reddit Pinterest Tumblr WhatsApp Email Link

Members online

Total: 815 (members: 7, guests: 808)

Latest posts

James Bond Style Encryption: Using Cryptsetup LUKS to Setup Encryption with Plausible Deniability
- Latest: blunix
- 13 minutes ago
Linux Security
Use a Flash Drive or an SD card as Ram?
- Latest: MikeWalsh
- Today at 12:01 PM
General Linux Questions
B
Can't detect my nvme SSD on Linux mint edge boot usb
- Latest: banana789
- Today at 11:54 AM
Getting Started
W
Getting Started I Hope.
- Latest: wm460
- Today at 11:10 AM
Getting Started
K
synaptic vs software manager vs THE WORLD
- Latest: KGIII
- Today at 4:18 AM
General Computing

Top