Apache Structs Multiple Vulnerabilities
Last Update Date:
3 Jun 2016 17:38
Release Date:
3 Jun 2016
4211
Views
RISK: High Risk
TYPE: Servers - Internet App Servers
Multiple vulnerabilities were identified in Apache Struct. A remote user can execute arbitrary code on the target system.
A remote user can cause denial of service conditions on the target system.
Impact
- Denial of Service
- Remote Code Execution
System / Technologies affected
- CVE-2016-3093 affects version 2.0.0 - 2.3.24.1
- CVE-2016-3087 affects version 2.3.20 - 2.3.28 (except 2.3.20.3 and 2.3.24.3)
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix
Vulnerability Identifier
Source
Related Link
Share with