Vulnerability-Lookup

CNVD-2017-10735

Vulnerability from cnvd - Published: 2017-06-22

Title

WebORB for Java远程代码执行漏洞

Description

Midnight Coders WebORB for Java是美国Midnight Coders公司的一款跨平台为桌面、浏览器和移动客户端以及相应的Java POJO等组件和Web服务的数据和媒体提供通用连接的集成服务器。 Midnight Coders WebORB for Java 5.1.1.0版本中存在远程代码执行漏洞。远程攻击者可利用该漏洞在受影响应用程序的上下文中执行任意代码。

Severity

高

Formal description

目前没有详细的解决方案提供： http://www.themidnightcoders.com/products/weborb-for-java/overview.html

Reference

http://www.securityfocus.com/bid/97384

Impacted products

Name
Macromedia WebORB for Java 5.1.1.0

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "97384"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-3207"
    }
  },
  "description": "Midnight Coders WebORB for Java\u662f\u7f8e\u56fdMidnight Coders\u516c\u53f8\u7684\u4e00\u6b3e\u8de8\u5e73\u53f0\u4e3a\u684c\u9762\u3001\u6d4f\u89c8\u5668\u548c\u79fb\u52a8\u5ba2\u6237\u7aef\u4ee5\u53ca\u76f8\u5e94\u7684Java POJO\u7b49\u7ec4\u4ef6\u548cWeb\u670d\u52a1\u7684\u6570\u636e\u548c\u5a92\u4f53\u63d0\u4f9b\u901a\u7528\u8fde\u63a5\u7684\u96c6\u6210\u670d\u52a1\u5668\u3002\r\n\r\nMidnight Coders WebORB for Java 5.1.1.0\u7248\u672c\u4e2d\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u5e94\u7528\u7a0b\u5e8f\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Markus Wulftange",
  "formalWay": "\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u89e3\u51b3\u65b9\u6848\u63d0\u4f9b\uff1a\r\nhttp://www.themidnightcoders.com/products/weborb-for-java/overview.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-10735",
  "openTime": "2017-06-22",
  "products": {
    "product": "Macromedia WebORB for Java 5.1.1.0"
  },
  "referenceLink": "http://www.securityfocus.com/bid/97384",
  "serverity": "\u9ad8",
  "submitTime": "2017-05-24",
  "title": "WebORB for Java\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2017-3207 (GCVE-0-2017-3207)

Vulnerability from cvelistv5 – Published: 2018-06-11 17:00 – Updated: 2024-08-05 14:16

Title

WebORB for Java by Midnight Coders, version 5.1.1.0, Action Message Format (AMF3) Java implementation is vulnerable to insecure deserialization

Summary

The Java implementations of AMF3 deserializers in WebORB for Java by Midnight Coders, version 5.1.1.0, derive class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized.

Severity

No CVSS data available.

CWE

CWE-502 - Deserialization of Untrusted Data

Assigner

certcc

References

4 references

URL	Tags
https://codewhitesec.blogspot.com/2017/04/amf.html	x_refsource_MISC
https://www.kb.cert.org/vuls/id/307983	third-party-advisoryx_refsource_CERT-VN
http://www.securityweek.com/flaws-java-amf-librar…	x_refsource_MISC
http://www.securityfocus.com/bid/97384	vdb-entryx_refsource_BID

Impacted products

1 product

Vendor	Product	Version
Midnight Coders	WebORB for Java	Affected: 5.1.1.0

Date Public

2017-04-04 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:16:28.311Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://codewhitesec.blogspot.com/2017/04/amf.html"
          },
          {
            "name": "VU#307983",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/307983"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.securityweek.com/flaws-java-amf-libraries-allow-remote-code-execution"
          },
          {
            "name": "97384",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/97384"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WebORB for Java",
          "vendor": "Midnight Coders",
          "versions": [
            {
              "status": "affected",
              "version": "5.1.1.0"
            }
          ]
        }
      ],
      "datePublic": "2017-04-04T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Java implementations of AMF3 deserializers in WebORB for Java by Midnight Coders, version 5.1.1.0, derive class instances from java.io.Externalizable rather than the AMF3 specification\u0027s recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-502",
              "description": "CWE-502: Deserialization of Untrusted Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-12T09:57:01.000Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://codewhitesec.blogspot.com/2017/04/amf.html"
        },
        {
          "name": "VU#307983",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/307983"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.securityweek.com/flaws-java-amf-libraries-allow-remote-code-execution"
        },
        {
          "name": "97384",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/97384"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "WebORB for Java by Midnight Coders, version 5.1.1.0, Action Message Format (AMF3) Java implementation is vulnerable to insecure deserialization",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2017-3207",
          "STATE": "PUBLIC",
          "TITLE": "WebORB for Java by Midnight Coders, version 5.1.1.0, Action Message Format (AMF3) Java implementation is vulnerable to insecure deserialization"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WebORB for Java",
                      "version": {
                        "version_data": [
                          {
                            "affected": "=",
                            "version_affected": "=",
                            "version_name": "5.1.1.0",
                            "version_value": "5.1.1.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Midnight Coders"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Java implementations of AMF3 deserializers in WebORB for Java by Midnight Coders, version 5.1.1.0, derive class instances from java.io.Externalizable rather than the AMF3 specification\u0027s recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-502: Deserialization of Untrusted Data"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://codewhitesec.blogspot.com/2017/04/amf.html",
              "refsource": "MISC",
              "url": "https://codewhitesec.blogspot.com/2017/04/amf.html"
            },
            {
              "name": "VU#307983",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/307983"
            },
            {
              "name": "http://www.securityweek.com/flaws-java-amf-libraries-allow-remote-code-execution",
              "refsource": "MISC",
              "url": "http://www.securityweek.com/flaws-java-amf-libraries-allow-remote-code-execution"
            },
            {
              "name": "97384",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/97384"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2017-3207",
    "datePublished": "2018-06-11T17:00:00.000Z",
    "dateReserved": "2016-12-05T00:00:00.000Z",
    "dateUpdated": "2024-08-05T14:16:28.311Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2017-10735

CVE-2017-3207 (GCVE-0-2017-3207)

Tags

Sightings

Nomenclature