References: | Source: MITRE Type: CNA CVE-2014-0112
Source: JVN Type: Third Party Advisory, VDB Entry JVN#19294237
Source: CCN Type: JVNDB-2014-000045 Apache Struts vulnerable to ClassLoader manipulation
Source: JVNDB Type: Third Party Advisory, VDB Entry JVNDB-2014-000045
Source: MISC Type: Third Party Advisory, VDB Entry http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html
Source: CCN Type: SA58016 Apache Struts Two Vulnerabilities
Source: SECUNIA Type: Permissions Required 59178
Source: SECUNIA Type: Permissions Required 59500
Source: CCN Type: S2-020 DoS attacks and ClassLoader manipulation
Source: CONFIRM Type: Third Party Advisory http://www-01.ibm.com/support/docview.wss?uid=swg21676706
Source: CCN Type: IBM Security Bulletin 1020893 IBM Platform Symphony (CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116)
Source: CCN Type: IBM Security Bulletin 1020894 IBM Platform Cluster Manager (CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116)
Source: CCN Type: IBM Security Bulletin 1020895 IBM Platform HPC (CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116)
Source: CCN Type: IBM Security Bulletin 1020896 IBM Platform Application Center (CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116)
Source: CCN Type: IBM Security Bulletin 1676706 IBM Sterling Order Management, IBM Sterling Configure, Price, Quote and Sterling Web Channel are affected by Apache Struts 2 security vulnerabilities
Source: CCN Type: IBM Security Bulletin 1680848 IBM Connections Security Refresh (CVE-2014-0114, CVE-2014-0113, CVE-2014-0112, CVE-2014-0094, CVE-2014-0116 )
Source: CCN Type: Oracle Critical Patch Update - April 2015 Oracle Critical Patch Update - April 2015
Source: CONFIRM Type: Third Party Advisory http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
Source: BUGTRAQ Type: Third Party Advisory, VDB Entry 20140426 [ANN] Struts 2.3.16.2 GA release available - security fix
Source: BUGTRAQ Type: Third Party Advisory, VDB Entry 20140625 NEW VMSA-2014-0007 - VMware product updates address security vulnerabilities in Apache Struts library
Source: BID Type: Third Party Advisory, VDB Entry 67064
Source: CCN Type: BID-67064 Apache Struts ClassLoader Manipulation Incomplete Fix Security Bypass Vulnerability
Source: CONFIRM Type: Third Party Advisory http://www.vmware.com/security/advisories/VMSA-2014-0007.html
Source: REDHAT Type: Third Party Advisory RHSA-2019:0910
Source: CONFIRM Type: Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1091939
Source: CONFIRM Type: Patch, Vendor Advisory https://cwiki.apache.org/confluence/display/WW/S2-021
Source: XF Type: UNKNOWN apache-struts-cve20140112-code-exec(92740)
Source: CCN Type: IBM Security Bulletin 6620351 (Call Center for Commerce) IBM Call Center and Apache Struts Struts upgrade strategy (various CVEs, see below)
Source: CCN Type: IBM Security Bulletin 6620355 (Sterling Order Management) IBM Sterling Order Management Apache Struts upgrade strategy (various CVEs, see below)
Source: CCN Type: Rapid7 Vulnerability and Exploit Database [07-09-2007] SquirrelMail PGP Plugin Command Execution (SMTP)
Source: CCN Type: WhiteSource Vulnerability Database CVE-2014-0112
|