Pełny tytuł: Apache Tika 1.13 Code Execution Vulnerability 
Kategoria: remote exploits
Platforma: java
Apache Tika wraps the jmatio parser to handle MATLAB files. The parser uses native deserialization on serialized Java objects embedded in MATLAB files. A malicious user could inject arbitrary code into a MATLAB file that would be executed when the object is deserialized. Versions 1.6 through 1.13 are affected.

# 0day.today @ http://0day.today/