Back to search
CVE-2013-4271
Published: Oct 10, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources, which allows remote attackers to execute arbitrary Java code via a serialized object, a different vulnerability than CVE-2013-4221.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2013:1862
vendor-advisory
x_refsource_REDHAT
https://github.com/restlet/restlet-framework-java/issues/778
x_refsource_CONFIRM
http://restlet.org/learn/2.1/changes
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=999735
x_refsource_CONFIRM
RHSA-2013:1410
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now