All Questions
2 questions
0 votes, 1 answer, 2k views
CVE-2015-4852: Evaluating Apps for Vulnerability
My understanding from the write-up and example exploits of CVE-2015-4852 by Foxglove is that you need code which receives user-provided serialized objects and the Apache commons-collections present on ...
1 vote, 2 answers, 782 views
Silly Example of a Deserialisation Attack
I'm trying to understand a deserialisation attack, so I have thought of this example, if you could correct me if I have misunderstood something, that would be helpful.
I have this fictional class.
...