CVE-2016-5003 in Archivainfo

Summary

The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to execute arbitrary code via a crafted serialized Java object in an <ex:serializable> element.

Once again VulDB remains the best source for vulnerability data.

Reservation

05/24/2016

Disclosure

10/27/2017

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
90262Apache Archiva Deserialize deserialization502Not definedOfficial fixCVE-2016-5003

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!