CVE

Id
50000  
CVE No.
CVE-2011-2088  
Status
Candidate  
Description
XWork 2.2.1 in Apache Struts 2.2.1, and OpenSymphony XWork in OpenSymphony WebWork, allows remote attackers to obtain potentially sensitive information about internal Java class paths via vectors involving an s:submit element and a nonexistent method, a different vulnerability than CVE-2011-1772.3.  
Phase
Assigned (20110513)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
541837 50000 CVE-2011-2088 BUGTRAQ:20110518 Apache Struts 2, XWork, OpenSymphony WebWork Java Class Path Information Disclosure  View
541838 50000 CVE-2011-2088 URL:http://www.securityfocus.com/archive/1/archive/1/518066/100/0/threaded  View
541839 50000 CVE-2011-2088 MISC:http://secureappdev.blogspot.com/2011/05/Struts_2_XWork_WebWork_XSS_in_error_pages.html  View
541840 50000 CVE-2011-2088 MISC:http://secureappdev.blogspot.com/2011/05/apache-struts-2-xwork-webwork-reflected.html  View
541841 50000 CVE-2011-2088 MISC:http://www.ventuneac.net/security-advisories/MVSA-11-006  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
31538 JVNDB-2011-001778 複数の Adobe 製品におけるサービス運用妨害 (DoS) の脆弱性 複数の Adobe 製品は、オブジェクトグラフの処理を適切に行わないため、サービス運用妨害 (DoS) 状態となる脆弱性が存在します。 CVE-2011-2093 50000 5 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001778.html  View