Deserialization Bug in PayPal App Allowed Code Execution

PayPal has addressed a serious remote code execution vulnerability caused by a Java deserialization bug disclosed last year, and shared some recommendations for security practitioners based on the lessons learned in the process of dealing with the issue.

Deserialization of Untrusted Data

read more

Read more: Deserialization Bug in PayPal App Allowed Code Execution

Story added 27. January 2016, content source with full text you can find at link above.