Critical severity9.8NVD Advisory· Published Jun 8, 2017· Updated Jun 17, 2026
CVE-2017-5878
CVE-2017-5878
Description
The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes for which it performs deserialization, which allows remote attackers to execute arbitrary code via crafted serialized Java data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2- www.openwall.com/lists/oss-security/2017/05/22/2nvdMailing ListThird Party Advisory
- www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdfnvdThird Party Advisory
News mentions
0No linked articles in our index yet.