mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-26 04:00:31 +01:00
772 B
772 B
CVE-2016-0750
Description
The hotrod java client in infinispan before 9.1.0.Final automatically deserializes bytearray message contents in certain events. A malicious user could exploit this flaw by injecting a specially-crafted serialized object to attain remote code execution or conduct other attacks.
POC
Reference
No PoCs from references.