Overview :
A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files.
Affected Product(s) :
  • Apache Struts2
Vulnerability Details :
CVE ID :CVE-2012-1592
It was reported [1] that Apache Struts2 suffers from a local code execution flaw when processing malformed XSLT files. This could allow a malicious remote user able to upload an arbitrary file and then view it (such as a graphics file), and execute arbitrary code with the privileges of the struts2 process user.

NOTE: During normal usage, applications that receive untrusted input/files from remote users are expected to properly sanity-check the file and, if nothing else, not immediately make the file uploaded by an untrusted user, available to an untrusted user, without first checking the file.

[1] http://seclists.org/bugtraq/2012/Mar/110

Remediation / Fixes :

The products that included the Struts 2 artefacts in their source jars:
Fuse Service Works 6.0.0
Single Sign On 7.3.0+

If you have used the source package from one of these products to build artefacts on your system, you should do the following to remove potentially affected jars:
1. Run ‘find . -name struts2*.jar’ under the source location
2. Remove any files found
This will not affect the product, as the jar is included with the source of google-guice, but no functionality requiring struts2 is implemented.