Full title: IBM WebSphere Remote Code Execution Java Deserialization Exploit 
Category: remote exploits
Platform: windows
This Metasploit module exploits a vulnerability in IBM's WebSphere Application Server. An unsafe deserialization call of unauthenticated Java objects exists to the Apache Commons Collections (ACC) library, which allows remote arbitrary code execution. Authentication is not required in order to exploit this vulnerability.

# 0day.today @ http://0day.today/