漏洞类别:Local
漏洞等级: 
漏洞信息
IBM WebSphere Application Server is designed to facilitate the creation of various enterprise Web applications.
IBM WebSphere Application Server could allow remote attackers to execute arbitrary Java code with a serialized object from untrusted sources.
Affected Version -
IBM WebSphere Application Server :
Liberty
Version 9.0
Version 8.5.5
Version 8.0
Version 7.0
漏洞危害
On successful exploitation it allows remote authenticated users to execute arbitrary Java code via a crafted serialized object.
解决方案
The vendor has released a fix to resolve the issue, please refer to Recommended fixes for WebSphere Application Serverfor more information
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论