Arbitrary Code Execution Vulnerability in Apache TomEE
CVE-2016-0779 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote attackers to execute arbitrary code via a crafted serialized object.
Learn more about our Cis Benchmark Audit For Apache Http Server.