Threat Level: green Handler on Duty: Bojan Zdrnja

SANS ISC: VMWare Security Advisory SANS ISC InfoSec Forums

Special Webcast: What you need to know about the crypt32.dll vulnerability. Register Now

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
VMWare Security Advisory

Today VMWare has released a security advisory VMSA-2015-0009 that address a critical deserialization vulnerability. A deserialization vulnerability involving Apache Commons-collections and a specially constructed chain of classes exists. Successful exploitation could result in remote code execution, with the permissions of the application using the Commons-collections library. 

More details are available at the VMWare Security Advisory page located at

Russell Eubanks
I will be teaching next: A Practical Introduction to Risk Assessment - SANS Security East 2020


98 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!