6505 matches found
CVE-2014-3578
Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL...
CVE-2014-3578
Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL...
DEBIAN-CVE-2014-3578
Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL...
Directory traversal
Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL...
UBUNTU-CVE-2014-3578
Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL...
CVE-2014-3578
Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL...
CVE-2014-3578
CVE-2014-3578 affects Pivotal Spring Framework 3.x up to 3.2.8 and 4.0 up to 4.0.4. The flaw is a directory traversal vulnerability allowing remote attackers to read arbitrary files via a crafted URL, caused by improper handling of resource access. Exploitation could enable reading sensitive serv...
CVE-2014-3578
Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL...
CVE-2014-3578
Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL...
Framework: directory traversal flaw
A directory traversal flaw was found in the way the Spring Framework sanitized certain URLs. A remote attacker could use this flaw to obtain any file on the file system that was also accessible to the process in which the Spring web application was running...
Moderate: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.1.0 security and bug fix update
Red Hat JBoss Fuse and A-MQ 6.1.0 Rollup Patch 2 R2, which includes several bug fixes, enhancements, and resolves two security issues, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring...
Important: Red Hat Security Advisory: Red Hat JBoss BPM Suite 6.0.3 security update
Red Hat JBoss BPM Suite 6.0.3 roll up patch 2, which fixes multiple security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring...
Framework: Directory traversal
A directory traversal flaw was found in the Spring Framework. A remote attacker could use this flaw to access arbitrary files on a server, and bypassing security restrictions that are otherwise in place...
Framework: directory traversal flaw
A directory traversal flaw was found in the way the Spring Framework sanitized certain URLs. A remote attacker could use this flaw to obtain any file on the file system that was also accessible to the process in which the Spring web application was running...
Framework: directory traversal flaw
A directory traversal flaw was found in the way the Spring Framework sanitized certain URLs. A remote attacker could use this flaw to obtain any file on the file system that was also accessible to the process in which the Spring web application was running...
Important: Red Hat Security Advisory: Red Hat JBoss BRMS 6.0.3 security update
Red Hat JBoss BRMS 6.0.3 roll up patch 2, which fixes multiple security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System...
Framework: Directory traversal
A directory traversal flaw was found in the Spring Framework. A remote attacker could use this flaw to access arbitrary files on a server, and bypassing security restrictions that are otherwise in place...
欧朋浏览器之广告主后台敏感信息泄漏漏洞(泄漏内容证明)
简要描述: J2EE架构安全 详细说明: 泄漏点: http://59.151.113.225/WEB-INF/web.xml http://59.151.113.225/WEB-INF/spring/webmvc-config.xml 漏洞证明: Spring+Freemaker 反编译class文件...
欧朋浏览器多站配置不当泄漏敏感信息
简要描述: J2EE架构安全 详细说明: 关于WEB-INF WEB-INF是Java的WEB应用的安全目录。所谓安全就是客户端无法访问,只有服务端可以访问的目录。 WEB-INF目录下的敏感目录及文件: classes目录(包含该应用核心的java类编译后的class文件及部分配置文件) lib目录(所用框架、插件或组件的架包) web.xml(重要的配置文件) 泄漏点1. http://59.151.113.213/WEB-INF/web.xml http://59.151.113.213/WEB-INF/spring/webmvc-config.xml...
CVE-2014-3625
Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspecified vectors, related to static resource handling...