Debian: 2827-1: libcommons-fileupload-java: arbitrary file upload via d
Dec25
on December 25, 2013
at 11:09 am
Posted In: Uncategorized
(Dec 24) It was discovered that Apache Commons FileUpload, a package to make it easy to add robust, high-performance, file upload capability to servlets and web applications, incorrectly handled file names with NULL bytes in serialized instances. A remote attacker able to supply a serialized [More…]
Comment