'[oss-security] Re: CVE-2016-5019: MyFaces Trinidad view state deserialization security vulnerability'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] Re: CVE-2016-5019: MyFaces Trinidad view state deserialization security vulnerability
From:       Mike Kienenberger <mkienenb () gmail ! com>
Date:       2016-09-29 17:00:23
Message-ID: CAM1yOjaPOgtTyEu9+H2eJGCqQS_95DqmyavAyvBUguWM-binYw () mail ! gmail ! com
[Download RAW message or body]

Clarification: The first line in this CVE was a copy&paste error
during message composition and is not part of the CVE.  This line can
make it sound as if CVE-2016-5019 is only an information disclosure
vulnerability rather than a deserialization attack vector.  I
apologize for the confusion.
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic