Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

VMWare Security Advisory

Published: 2015-12-19
Last Updated: 2015-12-19 00:47:05 UTC
by Russell Eubanks (Version: 1)
0 comment(s)

Today VMWare has released a security advisory VMSA-2015-0009 that address a critical deserialization vulnerability. A deserialization vulnerability involving Apache Commons-collections and a specially constructed chain of classes exists. Successful exploitation could result in remote code execution, with the permissions of the application using the Commons-collections library. 

More details are available at the VMWare Security Advisory page located at http://www.vmware.com/security/advisories/VMSA-2015-0009.html.

Russell Eubanks
0 comment(s)
Diary Archives