Apache Struts2 vulnerabilities discovered while processing malformed XSLT files

Bafilo Overview :
A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files.
Três Corações Affected Product(s) :
  • Apache Struts2
Vulnerability Details :
CVE ID : CVE-2012-1592
It was reported [1] that Apache Struts2 suffers from a local code execution flaw when processing malformed XSLT files. This could allow a malicious remote user able to upload an arbitrary file and then view it (such as a graphics file), and execute arbitrary code with the privileges of the struts2 process user.

NOTE: During normal usage, applications that receive untrusted input/files from remote users are expected to properly sanity-check the file and, if nothing else, not immediately make the file uploaded by an untrusted user, available to an untrusted user, without first checking the file.

[1] http://seclists.org/bugtraq/2012/Mar/110

Remediation / Fixes :

The products that included the Struts 2 artefacts in their source jars:
Fuse Service Works 6.0.0
Single Sign On 7.3.0+

If you have used the source package from one of these products to build artefacts on your system, you should do the following to remove potentially affected jars:
1. Run ‘find . -name struts2*.jar’ under the source location
2. Remove any files found
This will not affect the product, as the jar is included with the source of google-guice, but no functionality requiring struts2 is implemented.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-5288 : SICK SIM1012 Access Control

CVE-2023-5288 : SICK SIM1012 Access Control

Description A remote unauthorized attacker may connect to the SIM1012, interact with the device and change configuration settings. The adversary

CVE-2023-44466 : Linux Kernel up to 6.4.4 Ceph File System net/ceph/messenger_v2.c Buffer Overflow

CVE-2023-44466 : Linux Kernel up to 6.4.4 Ceph File System net/ceph/messenger_v2.c Buffer Overflow

Description An issue was discovered in net/ceph/messenger_v2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading

CVE-2023-20252 : CISCO CATALYST SD-WAN MANAGER SAML API IMPROPER AUTHENTICATION

CVE-2023-20252 : CISCO CATALYST SD-WAN MANAGER SAML API IMPROPER AUTHENTICATION

Description A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager Software could allow an