CVE-2012-0391
Publication date 8 January 2012
Last updated 21 August 2024
Ubuntu priority
The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.
Status
Package | Ubuntu Release | Status |
---|---|---|
libstruts1.2-java | ||
18.04 LTS bionic | Not in release | |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |