Critical severity9.8NVD Advisory· Published Apr 11, 2017· Updated Jun 17, 2026
CVE-2016-0779
CVE-2016-0779
Description
The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote attackers to execute arbitrary code via a crafted serialized object.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
6- tomee.apache.org/security/tomee.htmlnvdPatchVendor Advisory
- packetstormsecurity.com/files/136256/Apache-TomEE-Patched.htmlnvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/79204nvdThird Party AdvisoryVDB Entry
- www.zerodayinitiative.com/advisories/ZDI-15-638nvdThird Party AdvisoryVDB Entry
- tomee-openejb.979440.n4.nabble.com/Document-resolved-vulnerability-CVE-2015-8581-td4678073.htmlnvdIssue Tracking
- www.securityfocus.com/archive/1/537806/100/0/threadednvd
News mentions
0No linked articles in our index yet.