Lucene search
K

326 matches found

Prion
Prion
added 2014/04/30 10:49 a.m.32 views

Code injection

Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrar...

7.5CVSS7.7AI score0.96121EPSS
Exploits4References119Affected Software2
UbuntuCve
UbuntuCve
added 2014/04/30 10:49 a.m.82 views

CVE-2014-0114

Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrar...

7.5CVSS6.9AI score0.96121EPSS
Exploits4References3
Cvelist
Cvelist
added 2014/04/30 10:0 a.m.33 views

CVE-2014-0114

Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrar...

7.7AI score0.96121EPSS
Exploits4References119
CVE
CVE
added 2014/04/30 10:0 a.m.456 views

CVE-2014-0114

The CVE-2014-0114 issue affects Apache Struts 1.x through 1.3.10 (and related products using commons-beanutils) where the ActionForm/ClassLoader handling could be manipulated via a class parameter passed to getClass, enabling remote code execution. The F5 advisory confirms the vulnerability impac...

7.5CVSS8.4AI score0.96121EPSS
Exploits4References119Affected Software1
Debian CVE
Debian CVE
added 2014/04/30 10:0 a.m.47 views

CVE-2014-0114

Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrar...

7.5CVSS8.1AI score0.96121EPSS
Exploits4
Positive Technologies
Positive Technologies
added 2014/04/30 12:0 a.m.7 views

PT-2014-1716

Name of the Vulnerable Software and Affected Versions Apache Commons BeanUtils versions 1.8.0 through 1.9.2 Apache Struts versions 1.x through 1.3.10 Description The issue allows remote attackers to manipulate the ClassLoader and execute arbitrary code via the class parameter. This can be...

7.5CVSS7.1AI score0.96121EPSS
Exploits4References208
Rows per page
Query Builder