SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file
Reporter | Title | Published | Views | Family All 35 |
---|---|---|---|---|
exploitpack | Spring Framework - Arbitrary code Execution | 18 Jun 201000:00 | โ | exploitpack |
Exploit DB | Spring Framework - Arbitrary code Execution | 18 Jun 201000:00 | โ | exploitdb |
seebug.org | Spring Framework arbitrary code execution | 1 Jul 201400:00 | โ | seebug |
seebug.org | Spring Framework class.classLoader็ฑป่ฟ็จไปฃ็ ๆง่กๆผๆด | 21 Jun 201000:00 | โ | seebug |
OSV | Improper Control of Generation of Code ('Code Injection') in Spring Framework | 17 May 202203:28 | โ | osv |
OSV | Red Hat Security Advisory: JBoss Web Framework Kit 1.0.0 removal | 15 Sep 202418:34 | โ | osv |
securityvulns | CVE-2010-1622: Spring Framework execution of arbitrary code | 20 Jun 201000:00 | โ | securityvulns |
securityvulns | Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | 20 Jun 201000:00 | โ | securityvulns |
securityvulns | Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities | 2 Nov 201500:00 | โ | securityvulns |
Prion | Code injection | 21 Jun 201016:30 | โ | prion |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo