CVE-2013-4521
CRITICAL
9.8
CVSS Severity Score
Vulnerability Description
RichFaces implementation in Nuxeo Platform 5.6.0 before HF27 and 5.8.0 before HF-01 does not restrict the classes for which deserialization methods can be called, which allows remote attackers to execute arbitrary code via crafted serialized data. NOTE: this vulnerability may overlap CVE-2013-2165.
Affected Platforms (CPE)
📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo
Nuxeo
= 5.6.0📦
Nuxeo