CVE-2014-0116
https://notcve.org/view.php?id=CVE-2014-0116
CookieInterceptor in Apache Struts 2.x before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and modify session state via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0113. CookieInterceptor en Apache Struts versiones 2.x anteriores a 2.3.20, cuando un valor de cookiesName comodín es usado, no restringe apropiadamente el acceso al método getClass, lo que permite a atacantes remotos "manipulate" el ClassLoader y modificar el estado de la sesión por medio de una petición diseñada. NOTA: esta vulnerabilidad se presenta debido a una corrección incompleta de CVE-2014-0113. • http://secunia.com/advisories/59816 http://struts.apache.org/release/2.3.x/docs/s2-022.html http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html http://www.securityfocus.com/bid/67218 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2014-0113 – Apache Struts - ClassLoader Manipulation Remote Code Execution
https://notcve.org/view.php?id=CVE-2014-0113
CookieInterceptor in Apache Struts before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. CookieInterceptor en Apache Struts versiones anteriores a 2.3.20, cuando un valor de cookiesName comodín es usado, no restringe correctamente el acceso al método getClass, lo que permite a atacantes remotos "manipulate" el ClassLoader y ejecutar código arbitrario por medio de una petición diseñada. NOTA: esta vulnerabilidad se presenta debido a una corrección incompleta de CVE-2014-0094. • https://www.exploit-db.com/exploits/33142 http://secunia.com/advisories/59178 http://www-01.ibm.com/support/docview.wss?uid=swg21676706 http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html http://www.securityfocus.com/archive/1/531952/100/0/threaded https://cwiki.apache.org/confluence/display/WW/S2-021 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2014-0112 – Apache Struts - ClassLoader Manipulation Remote Code Execution
https://notcve.org/view.php?id=CVE-2014-0112
ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. ParametersInterceptor en Apache Struts versiones anteriores a 2.3.20, no restringe apropiadamente el acceso al método getClass, lo que permite a atacantes remotos "manipulate" el ClassLoader y ejecutar código arbitrario por medio de una petición diseñada. NOTA: esta vulnerabilidad se presenta debido a una corrección incompleta de CVE-2014-0094. • https://www.exploit-db.com/exploits/33142 https://www.exploit-db.com/exploits/41690 http://jvn.jp/en/jp/JVN19294237/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2014-000045 http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html http://secunia.com/advisories/59178 http://secunia.com/advisories/59500 http://www-01.ibm.com/support/docview.wss?uid=swg21676706 http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html http://www.securityfocus • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2014-0094 – Apache Struts - ClassLoader Manipulation Remote Code Execution
https://notcve.org/view.php?id=CVE-2014-0094
The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method. ParametersInterceptor en Apache Struts versiones anteriores a 2.3.16.2, permite a atacantes remotos "manipulate" el ClassLoader por medio del parámetro class, que se pasa al método getClass. • https://www.exploit-db.com/exploits/33142 https://www.exploit-db.com/exploits/41690 https://github.com/y0d3n/CVE-2014-0094 https://github.com/HasegawaTadamitsu/CVE-2014-0094-test-program-for-struts1 http://jvn.jp/en/jp/JVN19294237/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2014-000045 http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html http://secunia.com/advisories/56440 http://secunia.com/advisories/59178 http://struts.apache.org/release/2. •
CVE-2013-6348
https://notcve.org/view.php?id=CVE-2013-6348
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.3.15.3 allow remote attackers to inject arbitrary web script or HTML via the namespace parameter to (1) actionNames.action and (2) showConfig.action in config-browser/. Vulnerabilidades múltiples de Cross Site Scripting (XSS) en Apache Struts 2.3.15.3 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de (1) parámetro de espacio de nombres actionNames.action y (2) showConfig.action en la configuración del navegador • http://en.wooyun.org/bugs/wooyun-2013-034?2592 http://osvdb.org/99047 http://osvdb.org/99048 http://packetstormsecurity.com/files/123805/Struts-2.3.15.3-Cross-Site-Scripting.html http://seclists.org/fulldisclosure/2013/Oct/244 http://www.securitytracker.com/id/1029266 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •