CVE-2014-9515

🗓️ 29 Dec 2017 22:00:00Reported by mitreType

CVE-2014-9515 Dozer type conversion vulnerability allowing remote code execution

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
Prion	Type confusion	29 Dec 201722:29	–	prion
CVE	CVE-2014-9515	29 Dec 201722:29	–	cve
Veracode	Arbitrary Code Execution	30 Dec 201701:04	–	veracode
Cvelist	CVE-2014-9515	29 Dec 201722:00	–	cvelist
NVD	CVE-2014-9515	29 Dec 201722:29	–	nvd
Oracle	Oracle Critical Patch Update Advisory - April 2019	16 Apr 201900:00	–	oracle

[
  {
    "cpes": [
      "cpe:2.3:a:dozer_project:dozer:*:*:*:*:*:*:*:*"
    ],
    "vendor": "dozer_project",
    "product": "dozer",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "5.5.1"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
securityfocus	www.securityfocus.com/bid/107970
github	www.github.com/DozerMapper/dozer/pull/447/commits/ccd550696f3df8545319ffa9c6adafc8eca2334c
oracle	www.oracle.com/security-alerts/cpuApr2021.html
security	www.security.netapp.com/advisory/ntap-20240719-0002/
github	www.github.com/pentestingforfunandprofit/research/tree/master/dozer-rce
github	www.github.com/DozerMapper/dozer/issues/786
infocon	www.infocon.org/cons/SyScan/SyScan%202015%20Singapore/SyScan%202015%20Singapore%20presentations/SyScan15%20David%20Jorm%20-%20Finding%20and%20exploiting%20novel%20flaws%20in%20Java%20software.pdf
github	www.github.com/DozerMapper/dozer/issues/410
github	www.github.com/DozerMapper/dozer/issues/217

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

29 Dec 2017 22:00Current

9.8High risk

Vulners AI Score9.8

EPSS0.02548

SSVC