Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
[EnumJavaLibs]_ Remote Java classpath enumerator
Feb 13 2020 08:22PM
RedTimmy Security (redazione segfault it)
we have just released EnumJavaLibs to perform java classes enumeration against java services.
To discover a deserialization vulnerability is often easy. When source code is available, it comes down to finding calls to readObject() and finding a way for user input to reach that function. In case...
[ more ]
Copyright 2010, SecurityFocus