Back to search
CVE-2015-7450
Published: Jan 2, 2016
Modified: Oct 21, 2025
PUBLISHED
Description
Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the InvokerTransformer class in the Apache Commons Collections library.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www-01.ibm.com/support/docview.wss?uid=swg21971733
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21971342
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21971758
x_refsource_CONFIRM
77653
vdb-entry
x_refsource_BID
1035125
vdb-entry
x_refsource_SECTRACK
http://www-01.ibm.com/support/docview.wss?uid=swg21972799
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21971376
x_refsource_CONFIRM
41613
exploit
x_refsource_EXPLOIT-DB
http://www-01.ibm.com/support/docview.wss?uid=swg21970575
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now