CVE-2014-0112

Related Files

Red Hat Security Advisory 2019-0910-01

Posted Apr 30, 2019

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0910-01 - This release of Red Hat Fuse 7.3 serves as a replacement for Red Hat Fuse 7.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a deserialization vulnerability.

tags | advisory

systems | linux, redhat

advisories | CVE-2014-0112, CVE-2017-7525, CVE-2017-7657

SHA-256 | 05dca764a934db5626dabfbc55d7cc06a8facaf44f0a09956efa3c45a18c1a26

Download | Favorite | View

VMware Security Advisory 2014-0007

Posted Jun 25, 2014

Authored by VMware | Site vmware.com

VMware Security Advisory 2014-0007 - VMware product updates address security vulnerabilities in Apache Struts library.

tags | advisory, vulnerability

advisories | CVE-2014-0050, CVE-2014-0094, CVE-2014-0112

SHA-256 | 8cd3d3b5cff06fae69c9f9a484862c9a8161dfc6048ace9c43f4bda1f4c76169

Download | Favorite | View

Apache Struts ClassLoader Manipulation Remote Code Execution

Posted May 2, 2014

Authored by Mark Thomas, Przemyslaw Celej | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Apache Struts versions < 2.3.16.2. This issue is caused because the ParametersInterceptor allows access to 'class' parameter which is directly mapped to getClass() method and allows ClassLoader manipulation, which allows remote attackers to execute arbitrary Java code via crafted parameters.

tags | exploit, java, remote, arbitrary

advisories | CVE-2014-0094, CVE-2014-0112

SHA-256 | 568fa33a2e2d5a30bbf04a28ef0440ffb1ef8efbbd4f569d313ce10a93ef7a01

Download | Favorite | View