Arbitrary Code Execution Vulnerability in Apache TomEE

Arbitrary Code Execution Vulnerability in Apache TomEE

CVE-2016-0779 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote attackers to execute arbitrary code via a crafted serialized object.

Learn more about our Cis Benchmark Audit For Apache Http Server.