325 matches found
UBUNTU-CVE-2014-0114
Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrar...
CVE-2014-0114
Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrar...
CVE-2014-0114
The CVE-2014-0114 issue affects Apache Struts 1.x through 1.3.10 (and related products using commons-beanutils) where the ActionForm/ClassLoader handling could be manipulated via a class parameter passed to getClass, enabling remote code execution. The F5 advisory confirms the vulnerability impac...
CVE-2014-0114
Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrar...
PT-2014-1716
Name of the Vulnerable Software and Affected Versions Apache Commons BeanUtils versions 1.8.0 through 1.9.2 Apache Struts versions 1.x through 1.3.10 Description The issue allows remote attackers to manipulate the ClassLoader and execute arbitrary code via the class parameter. This can be...