CVE-2016-4978 is a vulnerability in Apache Activemq Artemis
Published on September 27, 2016

The getObject method of the javax.jms.ObjectMessage class in the (1) JMS Core client, (2) Artemis broker, and (3) Artemis REST component in Apache ActiveMQ Artemis before 1.4.0 might allow remote authenticated users with permission to send messages to the Artemis broker to deserialize arbitrary objects and execute arbitrary code by leveraging gadget classes being present on the Artemis classpath.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2016-4978

Want to know whenever a new CVE is published for Apache Activemq Artemis? stack.watch will email you.

Apache Activemq Artemis

Exploit Probability

EPSS

1.08%

Percentile

77.60%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2016-4978 is a vulnerability in Apache Activemq ArtemisPublished on September 27, 2016

Products Associated with CVE-2016-4978

Exploit Probability

CVE-2016-4978 is a vulnerability in Apache Activemq Artemis
Published on September 27, 2016