CVEs-PoC/2016/CVE-2016-6809.md at 5cee05fa8d41e65fccbcb37ad9d0c2370367d63f

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-08 06:06:44 +02:00

Files

T

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

1.0 KiB

Raw Blame History

CVE-2016-6809

Description

Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization.

POC

Reference

No PoCs from references.

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/AdeliaNitzsche/Java-Deserialization-Cheat-Sheet
https://github.com/Anonymous-Phunter/PHunter
https://github.com/BrittanyKuhn/javascript-tutorial
https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
https://github.com/PalindromeLabs/Java-Deserialization-CVEs
https://github.com/klausware/Java-Deserialization-Cheat-Sheet
https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet

1.0 KiB Raw Blame History

CVE-2016-6809

Description

POC

Reference

Github

1.0 KiB

Raw Blame History