CVE-2015-2001

Name of the Vulnerable Software and Affected Versions MetaIO SDK versions prior to 6.0.2.1

Description The issue allows attackers to execute arbitrary code by leveraging a finalize method in a Serializable class. This is due to the class improperly passing an attacker-controlled pointer to a native function.

Recommendations For versions prior to 6.0.2.1, update to version 6.0.2.1 or later to resolve the issue.