Free Trial

Apache Struts2 vulnerabilities discovered while processing malformed XSLT files

Overview :
A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files.
Affected Product(s) :
  • Apache Struts2
Vulnerability Details :
CVE ID : CVE-2012-1592
It was reported that Apache Struts2 suffers from a local code execution flaw when processing malformed XSLT files. This could allow a malicious remote user able to upload an arbitrary file and then view it (such as a graphics file), and execute arbitrary code with the privileges of the struts2 process user.

NOTE: During normal usage, applications that receive untrusted input/files from remote users are expected to properly sanity-check the file and, if nothing else, not immediately make the file uploaded by an untrusted user, available to an untrusted user, without first checking the file.

http://seclists.org/bugtraq/2012/Mar/110

Remediation / Fixes :

The products that included the Struts 2 artefacts in their source jars:
Fuse Service Works 6.0.0
Single Sign On 7.3.0+

If you have used the source package from one of these products to build artefacts on your system, you should do the following to remove potentially affected jars:
1. Run ‘find . -name struts2*.jar’ under the source location
2. Remove any files found
This will not affect the product, as the jar is included with the source of google-guice, but no functionality requiring struts2 is implemented.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-2315 : DATABASE SOFTWARE PRIOR 2 ACCREDITATION TRACKING/PRESENTATION SQL INJECTION

CVE-2022-2315 : DATABASE SOFTWARE PRIOR 2 ACCREDITATION TRACKING/PRESENTATION SQL INJECTION

Description Database Software Accreditation Tracking/Presentation Module product before version 2 has an unauthenticated SQL Injection vulnerability. This is fixed in

Learn more
CVE-2022-37877 : ARUBA CLEARPASS POLICY MANAGER UP TO 6.9.11/6.10.6 ON MACOS ONGUARD AGENT PRIVILEGE ESCALATION

CVE-2022-37877 : ARUBA CLEARPASS POLICY MANAGER UP TO 6.9.11/6.10.6 ON MACOS ONGUARD AGENT PRIVILEGE ESCALATION

Description A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their

Learn more
CVE-2022-23768 : NEO INFORMATION SYSTEMS NIS-HAP11AC PRIOR 4.2-B20220530142945 TELNET SERVICE ACCESS CONTROL

CVE-2022-23768 : NEO INFORMATION SYSTEMS NIS-HAP11AC PRIOR 4.2-B20220530142945 TELNET SERVICE ACCESS CONTROL

Description This Vulnerability in NIS-HAP11AC is caused by an exposed external port for the telnet service. Remote attackers use this

Learn more