CVE-2011-2894

CVE Database · CVE-2011-2894

CVE-2011-2894

· N/AModified

CVSS v3.1

N/A

EPSS

8.53%

Published

Oct 4, 2011

Modified

Apr 28, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Spring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through 3.0.5 and 2.0.0 through 2.0.6, and possibly other versions deserialize objects from untrusted sources, which allows remote attackers to bypass intended security restrictions and execute untrusted code by (1) serializing a java.lang.Proxy instance and using InvocationHandler, or (2) accessing internal AOP interfaces, as demonstrated using deserialization of a DefaultListableBeanFactory instance to execute arbitrary commands via the java.lang.Runtime class.

Weaknesses (CWE)

CWE-502

Affected Products (2)

vmware · spring_frameworkvulnerable

vmware · spring_securityvulnerable

References (16)

http://osvdb.org/75263

Broken Link

http://securityreason.com/securityalert/8405

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2011-1334.html

Third Party Advisory