ASA-2019-00415 – TYPO3: Possible deserialization side-effects in symfony/cache

Identifier(s) ASA-2019-00415, CVE-2019-10912, TYPO3-CORE-SA-2019-016 Title Possible deserialization side-effects in symfony/cache Vendor(s) TYPO3 Association Product(s) TYPO3 CMS Affected version(s) TYPO3 CMS versions 9.4.0 to 9.5.7 Fixed version(s) TYPO3 CMS version 9.5.8 Proof of concept Unknown Description Third party component symfony/cache could have been potentially leading to removal of arbitrary files in combination with other insecure deserialization … Continue reading ASA-2019-00415 – TYPO3: Possible deserialization side-effects in symfony/cache

ASA-2019-00370 – Oracle WebLogic Server: Deserialization vulnerability via XMLDecoder

A deserialization vulnerability via XMLDecoder in Oracle WebLogic Server Web Services. This remote code execution vulnerability is remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.

ASA-2019-00126 – Apache Solr: Deserialization of untrusted data via jmx.serviceUrl

ConfigAPI allows to configure Solr's JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side.

ASA-2018-00052 – phpBB: Authenticated remote code execution via Phar deserialization

Passing an absolute path to a file_exists() check in phpBB before 3.2.4 allows authenticated remote code execution through object injection by employing Phar deserialization when an attacker has access to the Admin Control Panel with founder permissions.

ASA-2018-00006 – systemd: Usage of fgets() in systemd allows for state injection during data deserialization

systemd has the ability to serialize and deserialize data. In some functions of this feature, lines longer than LINE_MAX aren't properly handled and the content of a property longer than that is interpreted as serialized state. This allows an attacker to corrupt or to inject values in the state of the service when systemd needs to deserialize data.