Description

The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes for which it performs deserialization, which allows remote attackers to execute arbitrary code via crafted serialized Java data.

Remediation

References

https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true

http://www.openwall.com/lists/oss-security/2017/05/22/2

Related Vulnerabilities

CVE-2021-31411 Vulnerability in maven package com.vaadin:flow-server

CVE-2018-25068 Vulnerability in maven package com.anrisoftware.globalpom:globalpomutils-fileresources

CVE-2023-24998 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core

CVE-2020-1940 Vulnerability in maven package org.apache.jackrabbit:oak-core

CVE-2016-6817 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core

Severity

Critical

Classification

CWE-502 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Third Party Advisory Mailing List