16 matches found
Security Bulletin: IBM System Storage Support for Microsoft Volume Shadow Copy Service and Virtual Disk Service is vulnerable to multiple vulnerabilities due to Apache Axis. CVE-2018-8032, CVE-2014-3596, CVE-2019-0227, CVE-2012-5784
Summary IBM System Storage Support for Microsoft Volume Shadow Copy Service and Virtual Disk Service is vulnerable to multiple vulnerabilities due to Apache Axis. CVE-2018-8032, CVE-2014-3596, CVE-2019-0227, CVE-2012-5784. Vulnerability Details CVEID:CVE-2018-8032 DESCRIPTION: Apache Axis 1.x up ...
Linux Distros Unpatched Vulnerability : CVE-2019-0227
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Server Side Request Forgery SSRF vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits...
RHEL 5 : axis (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - axis: Hard coded domain name in example web service named StockQuoteService.jws leading to remote code...
Security Bulletin: Multiple Vulnerabilities found in Axis.jar V1.x may affect IBM Content Collector for SAP Applications
Summary IBM Content Collector for SAP Applications may be affected by multiple vulnerabilities found in Axis.jar V1.x Vulnerability Details CVEID: CVE-2018-8032 DESCRIPTION: Apache Axis is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the default...
Oracle WebCenter Portal Multiple Vulnerabilities (Jul 2020 CPU)
Binary data oraclewebcenterportalcpujul2020.nbin...
Oracle Enterprise Manager Cloud Control (Jul 2020 CPU)
The 13.3.0.0, 13.4.0.0, and 12.1.0.5 versions of Enterprise Manager Base Platform installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2020 CPU advisory. - Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager...
Oracle Primavera Unifier Multiple Vulnerabilities (Jan 2020 CPU)
According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 16.1.x or 16.2.x prior to 16.2.16.0, or 17.7.x through 17.12.x prior to 17.12.11.2, or 18.8.x prior to 18.8.15, or 19.12.x prior to 19.12.0.1. It is, therefore, affected by...
Oracle Primavera Gateway Multiple Vulnerabilities (Jan 2020 CPU)
According to its self-reported version number, the Oracle Primavera Gateway installation running on the remote web server is 15.x prior to 15.2.18, 16.x prior to 16.2.11, 17.x prior to 17.12.6, or 18.x prior to 18.8.8.1. It is, therefore, affected by multiple vulnerabilities, including the...
Exploit for Server-Side Request Forgery in Apache Axis
cve-2019-0227 Apache Axis1.4 remote code execution vulnerabil...
activemq:activemq (=1.1), activemq:activemq-optional (=3.2) +325 more potentially affected by CVE-2019-0227 via axis:axis (>=1.2 <=1.4)
axis:axis MAVEN version =1.2, =1.2.5, =1.1.0, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.6.4 and more Source cves: CVE-2019-0227 Source advisory: OSV:GHSA-H9GJ-RQRW-X4FQ...
CVE-2019-0227
A Server Side Request Forgery SSRF vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2...
CVE-2019-0227
The CVE-2019-0227 entry concerns an SSRF in Apache Axis 1.4 (last released in 2006). The connected IBM bulletins confirm Axis 1.x vulnerability details and state Axis 2 is the successor, with 1.7.9 (Axis2) being not vulnerable. Affected Axis 1.x components are legacy; remediation is to upgrade to...
CVE-2019-0227
A Server Side Request Forgery SSRF vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2...
Apache Axis Remote Code Execution (CVE-2019-0227)
A remote code execution exists in Apache Axis server. A remote attacker can exploit this vulnerability to execute arbitrary code in the affected system via a crafted http response...
Apache Axis 1.4 Remote Code Execution
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Apache Axis 1.4 Remote Code Execution CVE-2019-0227 https://rhinosecuritylabs.com/Application-Security/CVE-2019-0227-Expired-Domain-to-RCE-in-Apache-Axis Author: David Yesland @daveysec, Rhino...
CVE-2019-0227: Expired Domain to Remote Code Execution in Apache Axis
The post CVE-2019-0227: Expired Domain to Remote Code Execution in Apache Axis appeared first on Rhino Security Labs...