[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] Re: CVE-2016-5019: MyFaces Trinidad view state deserialization security vulnerability
From: Mike Kienenberger <mkienenb () gmail ! com>
Date: 2016-09-29 17:00:23
Message-ID: CAM1yOjaPOgtTyEu9+H2eJGCqQS_95DqmyavAyvBUguWM-binYw () mail ! gmail ! com
[Download RAW message or body]
Clarification: The first line in this CVE was a copy&paste error
during message composition and is not part of the CVE. This line can
make it sound as if CVE-2016-5019 is only an information disclosure
vulnerability rather than a deserialization attack vector. I
apologize for the confusion.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic