CVE-2016-0779

Publication date

2017-04-11 16:00:00

Family

redhat

State

PUBLISHED

Description

The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote attackers to execute arbitrary code via a crafted serialized object.