The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources, which allows remote attackers to execute arbitrary Java code via a serialized object, a different vulnerability than CVE-2013-4221.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2013-10-10T00:00:00
Updated: 2024-08-06T16:38:01.864Z
Reserved: 2013-06-12T00:00:00
Link: CVE-2013-4271
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2013-10-10T00:55:14.897
Modified: 2016-12-06T19:17:31.420
Link: CVE-2013-4271
Redhat