Flaws in Java AMF Libraries Allow Remote Code Execution

Deserialization-related vulnerabilities found in several Java implementations of AMF3 can be exploited for unauthenticated remote code execution and XXE attacks, warned CERT/CC.

read more

Read more: Flaws in Java AMF Libraries Allow Remote Code Execution

Story added 5. April 2017, content source with full text you can find at link above.