Unrestricted deserialization from a privileged context allows an attacker to supply crafted input which, upon deserialization, can yield objects that the attacker lacks the permissions to construct. One example is the construction of a sensitive object, such as a custom class loader, inside a readObject() hook that runs with the caller's privileges. Consequently, avoid deserializing from a privileged context. When deserialization requires privileges, programs must strip all permissions other than the minimum set required for the intended usage. See guidelines SEC12-J. Do not grant untrusted code access to classes in inaccessible packages and SEC13-J. Do not allow unauthorized construction of classes in inaccessible packages for additional information.
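The following is an added example, not the guideline's own noncompliant or compliant code. It contrasts a deserialization that runs in an unrestricted doPrivileged() frame with one whose frame is intersected with an AccessControlContext holding only the permissions the intended use needs. The class names, the constructed LoaderBuilder payload and the file path granted by the FilePermission are illustrative assumptions.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FilePermission;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.net.URL;
import java.net.URLClassLoader;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.Permissions;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.ProtectionDomain;

// Added example; not code from the CERT guideline. Names are assumptions.
public final class RestrictedDeserialization {

    // Constructed sample payload: a Serializable class whose readObject hook
    // builds a class loader, i.e. a sensitive object the stream's author
    // should not be able to have constructed on their behalf.
    static final class LoaderBuilder implements Serializable {
        private static final long serialVersionUID = 1L;

        private void readObject(ObjectInputStream in)
                throws IOException, ClassNotFoundException {
            in.defaultReadObject();
            // Needs RuntimePermission("createClassLoader") under a SecurityManager.
            new URLClassLoader(new URL[0]).close();
        }
    }

    // NONCOMPLIANT: the read runs in a privileged frame carrying all of this
    // class's permissions, so whatever the stream's readObject hooks do
    // inherits them.
    static Object readUnrestricted(InputStream in)
            throws IOException, ClassNotFoundException {
        try {
            return AccessController.doPrivileged(
                    (PrivilegedExceptionAction<Object>) () -> {
                        try (ObjectInputStream ois = new ObjectInputStream(in)) {
                            return ois.readObject();
                        }
                    });
        } catch (PrivilegedActionException e) {
            return rethrow(e);
        }
    }

    // COMPLIANT: the privileged frame is intersected with a context holding
    // only the permissions the intended use requires. The assumed need here is
    // read access to one data file; creating a class loader is not in the set.
    static Object readWithMinimalPrivileges(InputStream in)
            throws IOException, ClassNotFoundException {
        Permissions minimal = new Permissions();
        minimal.add(new FilePermission("/var/app/data.ser", "read")); // assumed path
        AccessControlContext restricted = new AccessControlContext(
                new ProtectionDomain[] { new ProtectionDomain(null, minimal) });
        try {
            return AccessController.doPrivileged(
                    (PrivilegedExceptionAction<Object>) () -> {
                        try (ObjectInputStream ois = new ObjectInputStream(in)) {
                            return ois.readObject();
                        }
                    },
                    restricted);
        } catch (PrivilegedActionException e) {
            return rethrow(e);
        }
    }

    // Unwrap the checked exception doPrivileged() wrapped. SecurityException
    // (including AccessControlException) is unchecked and propagates directly.
    private static Object rethrow(PrivilegedActionException e)
            throws IOException, ClassNotFoundException {
        Throwable cause = e.getCause();
        if (cause instanceof ClassNotFoundException) throw (ClassNotFoundException) cause;
        throw (IOException) cause; // the action declares only IOException and CNFE
    }

    public static void main(String[] args) throws Exception {
        // Serialize the constructed payload in-process so the demo runs offline.
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(new LoaderBuilder());
        }
        byte[] payload = bos.toByteArray();

        readUnrestricted(new ByteArrayInputStream(payload));
        System.out.println("unrestricted read: payload constructed a class loader");

        try {
            readWithMinimalPrivileges(new ByteArrayInputStream(payload));
            System.out.println("restricted read succeeded (no SecurityManager installed)");
        } catch (SecurityException e) {
            System.out.println("restricted read denied: " + e);
        }
    }
}
```

The difference only shows when a SecurityManager is active: run with `-Djava.security.manager -Djava.security.policy=all.policy`, where all.policy contains `grant { permission java.security.AllPermission; };` so that the class itself is fully trusted, and the restricted read fails with an AccessControlException on createClassLoader while the unrestricted read succeeds. Note that the SecurityManager has been deprecated for removal since Java 17 (JEP 411) and is permanently disabled in JDK 24 (JEP 486); on current JDKs the remaining control over what a stream may instantiate is a deserialization filter (ObjectInputFilter, JEP 290), which should be applied in addition to keeping the read out of privileged code.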
Noncompliant Code Example
...
Risk Assessment
Deserializing objects from an unrestricted privileged context can result in arbitrary code execution.
Guideline | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
SER09-J | high | likely | medium | P18 | L1 |
Automated Detection
...
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this guideline on the CERT website.
...