Oval Definition:	oval:com.ubuntu.precise:def:20120391000
Revision Date: 2012-01-08 Version: 1 Title: CVE-2012-0391 on Ubuntu 12.04 LTS (precise) - medium. Description: The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter. Family: unix Class: vulnerability Status: Reference(s): CVE-2012-0391 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND The 'libstruts1.2-java' package in precise is affected and needs fixing.
BACK