Apache Struts ExceptionDelegator Component Parameter Parsing Remote Code Execution
Data de publica??o: 20 outubro 2016
Schweregrad: : Cr¨ªtico
Identificador(es) CVE: : CVE-2012-0391
Descri??o
The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.
Exposi??o das informa??es
Apply associated live casino online DPI Rules.
Solu??o
live casino online Deep Security DPI Rule Number: 1004911
live casino online Deep Security DPI Rule Name: 1004911 - Apache Struts2 Multiple Vulnerabilities
Software infectado e vers?o:
- apache struts 2.0.0
- apache struts 2.0.1
- apache struts 2.0.10
- apache struts 2.0.11
- apache struts 2.0.11.1
- apache struts 2.0.11.2
- apache struts 2.0.12
- apache struts 2.0.13
- apache struts 2.0.14
- apache struts 2.0.2
- apache struts 2.0.3
- apache struts 2.0.4
- apache struts 2.0.5
- apache struts 2.0.6
- apache struts 2.0.7
- apache struts 2.0.8
- apache struts 2.0.9
- apache struts 2.1.0
- apache struts 2.1.1
- apache struts 2.1.2
- apache struts 2.1.3
- apache struts 2.1.4
- apache struts 2.1.5
- apache struts 2.1.6
- apache struts 2.1.8
- apache struts 2.1.8.1
- apache struts 2.2.1
- apache struts 2.2.1.1
- apache struts 2.2.3