1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
Candidate: CVE-2012-4387
PublicDate: 2012-09-05
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4387
http://struts.apache.org/2.x/docs/s2-011.html
Description:
Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a denial
of service (CPU consumption) via a long parameter name, which is processed
as an OGNL expression.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
Patches_libstruts1.2-java:
upstream_libstruts1.2-java: not-affected
hardy_libstruts1.2-java: not-affected
lucid_libstruts1.2-java: not-affected
natty_libstruts1.2-java: not-affected
oneiric_libstruts1.2-java: not-affected
precise_libstruts1.2-java: not-affected
devel_libstruts1.2-java: not-affected (only 2.x is affected)
|