CVE-2016-3690

CVE-2016-3690

EPSS 5.2%

The PooledInvokerServlet in JBoss EAP 4.x and 5.x allows remote attackers to execute arbitrary code via a crafted serialized payload.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://access.redhat.com/solutions/178393 https://access.redhat.com/solutions/45530 https://bugzilla.redhat.com/show_bug.cgi?id=1327037 http://www.securityfocus.com/bid/99079