The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which allows remote attackers to execute arbitrary Java code via crafted XML.
References
| Link | Resource |
|---|---|
| http://blog.diniscruz.com/2013/08/using-xmldecoder-to-execute-server-side.html | Third Party Advisory |
| http://restlet.org/learn/2.1/changes | Release Notes, Vendor Advisory |
| http://rhn.redhat.com/errata/RHSA-2013-1410.html | Third Party Advisory |
| https://github.com/restlet/restlet-framework-java/issues/774 | Patch, Issue Tracking |
| https://bugzilla.redhat.com/show_bug.cgi?id=995275 | Issue Tracking, Third Party Advisory |
| http://rhn.redhat.com/errata/RHSA-2013-1862.html | Third Party Advisory |
Configurations
Configuration 1
Information
Published : 2013-10-09 17:55
Updated : 2016-12-07 10:13
NVD link : CVE-2013-4221
Mitre link : CVE-2013-4221
Products Affected
restlet
- restlet