Identifier(s) ASA-2019-00415, CVE-2019-10912, TYPO3-CORE-SA-2019-016 Title Possible deserialization side-effects in symfony/cache Vendor(s) TYPO3 Association Product(s) TYPO3 CMS Affected version(s) TYPO3 CMS versions 9.4.0 to 9.5.7 Fixed version(s) TYPO3 CMS version 9.5.8 Proof of concept Unknown Description Third party component symfony/cache could have been potentially leading to removal of arbitrary files in combination with other insecure deserialization … Continue reading ASA-2019-00415 – TYPO3: Possible deserialization side-effects in symfony/cache
Tag: Deserialization
ASA-2019-00370 – Oracle WebLogic Server: Deserialization vulnerability via XMLDecoder
A deserialization vulnerability via XMLDecoder in Oracle WebLogic Server Web Services. This remote code execution vulnerability is remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.
ASA-2019-00239 – WebLogic: wls9_async and wls-wsat components trigger deserialization remote command execution vulnerability
This remote code execution vulnerability is remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.
ASA-2019-00180 – Magento: Arbitrary code execution due to unsafe deserialization of a PHP Archive
An authenticated user with privileges to configure email templates can execute arbitrary code via a PHP archive deserialization vulnerability.
ASA-2019-00178 – Magento: Arbitrary code execution due to unsafe deserialization of a PHP archive
An authenticated user with administrative privileges can execute arbitrary code through a Phar deserialization vulnerability.
ASA-2019-00126 – Apache Solr: Deserialization of untrusted data via jmx.serviceUrl
ConfigAPI allows to configure Solr's JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side.
ASA-2018-00052 – phpBB: Authenticated remote code execution via Phar deserialization
Passing an absolute path to a file_exists() check in phpBB before 3.2.4 allows authenticated remote code execution through object injection by employing Phar deserialization when an attacker has access to the Admin Control Panel with founder permissions.
ASA-2018-00006 – systemd: Usage of fgets() in systemd allows for state injection during data deserialization
systemd has the ability to serialize and deserialize data. In some functions of this feature, lines longer than LINE_MAX aren't properly handled and the content of a property longer than that is interpreted as serialized state. This allows an attacker to corrupt or to inject values in the state of the service when systemd needs to deserialize data.