Lucene search
K

70 matches found

Ubuntu
Ubuntu
added 2015/03/30 5:25 p.m.56 views

USN-2551-1: Apache Standard Taglibs vulnerability

David Jorm discovered that the Apache Standard Taglibs incorrectly handled external XML entities. A remote attacker could possibly use this issue to execute arbitrary code or perform other external XML entity attacks...

7.5CVSS7.6AI score0.1326EPSS
Exploits0
Kaspersky
Kaspersky
added 2015/03/24 12:0 a.m.74 views

KLA10483 Code execution vulnerability in Apache Standard Taglib

An unspecified vulnerability was found in Apache Standard Taglibs. By exploiting this vulnerability malicious users execute arbitrary code. This vulnerability can be exploited remotely via a specially designed XSLT extension. Original advisories - Related products Standard-Taglibs CVE list...

7.5CVSS7.9AI score0.1326EPSS
Exploits0References2
NVD
NVD
added 2015/03/09 2:59 p.m.18 views

CVE-2015-0254

Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity XXE attacks via a crafted XSLT extension in a 1 or 2 JSTL XML tag...

7.5CVSS9.6AI score0.1326EPSS
Exploits0References23
Prion
Prion
added 2015/03/09 2:59 p.m.21 views

Xxe

Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity XXE attacks via a crafted XSLT extension in a 1 or 2 JSTL XML tag...

7.5CVSS7.9AI score0.1326EPSS
Exploits0References23Affected Software2
Cvelist
Cvelist
added 2015/03/09 2:0 p.m.27 views

CVE-2015-0254

Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity XXE attacks via a crafted XSLT extension in a 1 or 2 JSTL XML tag...

9.3AI score0.1326EPSS
Exploits0References23
CVE
CVE
added 2015/03/09 2:0 p.m.213 views

CVE-2015-0254

CVE-2015-0254 : Apache Standard Taglibs before 1.2.3 allows remote code execution/XXE via a crafted XSLT extension in a JSTL XML tag (/). Affects JSTL/Taglibs; root cause is XXE. Public fixes exist in 1.2.3 and later; apply upgrade to mitigate. IBM bulletins also reference this CVE and note remed...

7.5CVSS8.1AI score0.1326EPSS
Exploits0References23Affected Software1
UbuntuCve
UbuntuCve
added 2015/03/09 12:0 a.m.32 views

CVE-2015-0254

Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity XXE attacks via a crafted XSLT extension in a 1 or 2 JSTL XML tag...

7.5CVSS7AI score0.1326EPSS
Exploits0References3
OSV
OSV
added 2015/03/09 12:0 a.m.4 views

UBUNTU-CVE-2015-0254

Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity XXE attacks via a crafted XSLT extension in a 1 or 2 JSTL XML tag...

7.5CVSS7.3AI score0.1326EPSS
Exploits0References4
securityvulns
securityvulns
added 2015/03/08 12:0 a.m.42 views

Apache taglibs security vulnerabilities

Code executions, XXE...

7.5CVSS2.8AI score0.1326EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2015/02/28 12:0 a.m.1 views

Apache Standard Taglibs XML External Entity Injection Vulnerability

Apache Standard Taglibs is the United States Apache Apache Software Foundation of a JSP Standard Tag Library JSTL specification implementation. An injection vulnerability exists in the Apache Standard Taglibs XML external entity, which could be exploited by an attacker to execute arbitrary code i...

7.5CVSS8.1AI score0.1326EPSS
Exploits0References1
Rows per page
Query Builder