exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2012-0392

около 14 лет назад

The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.

CVSS2: 6.8

EPSS: Критический

CVE-2012-0392

около 14 лет назад

The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.

CVSS2: 6.8

EPSS: Критический

CVE-2012-0392

около 14 лет назад

The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.

CVSS2: 6.8

EPSS: Критический

CVE-2012-0392

около 14 лет назад

The CookieInterceptor component in Apache Struts before 2.3.1.1 does n ...

CVSS2: 6.8

EPSS: Критический

GHSA-2ppp-xj34-vvf7

почти 4 года назад

Apache Struts's CookieInterceptor component does not use the parameter-name whitelist

EPSS: Критический

BDU:2022-06343

около 14 лет назад

Уязвимость реализации класса CookieInterceptor программной платформы Apache Struts, позволяющая нарушителю выполнить произвольный код

CVSS3: 7.3

EPSS: Критический

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2012-0392 The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.	CVSS2: 6.8	91% Критический	около 14 лет назад
CVE-2012-0392 The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.	CVSS2: 6.8	91% Критический	около 14 лет назад
CVE-2012-0392 The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.	CVSS2: 6.8	91% Критический	около 14 лет назад
CVE-2012-0392 The CookieInterceptor component in Apache Struts before 2.3.1.1 does n ...	CVSS2: 6.8	91% Критический	около 14 лет назад
GHSA-2ppp-xj34-vvf7 Apache Struts's CookieInterceptor component does not use the parameter-name whitelist		91% Критический	почти 4 года назад
BDU:2022-06343 Уязвимость реализации класса CookieInterceptor программной платформы Apache Struts, позволяющая нарушителю выполнить произвольный код	CVSS3: 7.3	91% Критический	около 14 лет назад

Уязвимостей на страницу