Summary
| Detail | |||
|---|---|---|---|
| Vendor | Springsource | First view | 2010-06-21 |
| Product | Spring Framework | Last view | 2014-04-17 |
| Version | Type | Application | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 6.8 | 2014-04-17 | CVE-2014-0054 | The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4152, CVE-2013-7315, and CVE-2013-6429. |
| 6.8 | 2014-01-23 | CVE-2013-7315 | The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML with JAXB, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152. NOTE: this issue was SPLIT from CVE-2013-4152 due to different affected versions. |
| 6.8 | 2014-01-23 | CVE-2013-4152 | The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue. |
| 7.5 | 2012-12-05 | CVE-2011-2730 | VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a (1) name attribute in a (a) spring:hasBindErrors tag; (2) path attribute in a (b) spring:bind or (c) spring:nestedpath tag; (3) arguments, (4) code, (5) text, (6) var, (7) scope, or (8) message attribute in a (d) spring:message or (e) spring:theme tag; or (9) var, (10) scope, or (11) value attribute in a (f) spring:transform tag, aka "Expression Language Injection." |
| 6 | 2010-06-21 | CVE-2010-1622 | SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 40% (2) | CWE-264 | Permissions, Privileges, and Access Controls |
| 20% (1) | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 20% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 20% (1) | CWE-16 | Configuration |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:19214 | DSA-2504-1 libspring-2.5-java - information disclosure |
| oval:org.mitre.oval:def:22298 | DSA-2842-1 libspring-java - several |
| oval:org.mitre.oval:def:22246 | DSA-2857-1 libspring-java - several |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 75264 | Spring Framework Expression Language (EL) MVC Tag Parsing Information Disclosure |
| 65661 | Spring Framework class.classLoader.URLs[0]=jar: Crafted JAR File HTTP Request... |
ExploitDB Exploits
| id | Description |
|---|---|
| 13918 | Spring Framework arbitrary code execution |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-08-10 | Name : Debian Security Advisory DSA 2504-1 (libspring-2.5-java) File : nvt/deb_2504_1.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2017-08-03 | XML entity parsing information disclosure attempt RuleID : 43444 - Type : SERVER-WEBAPP - Revision : 2 |
| 2014-01-10 | XML entity parsing information disclosure attempt RuleID : 24339 - Type : SERVER-WEBAPP - Revision : 14 |
| 2014-01-10 | VMware SpringSource Spring Framework class.classloader remote code execution ... RuleID : 18959 - Type : SERVER-WEBAPP - Revision : 9 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2015-10-23 | Name: The website content management system installed on the remote host is affecte... File: oracle_webcenter_sites_oct_2015_cpu.nasl - Type: ACT_GATHER_INFO |
| 2014-11-08 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2013-0195.nasl - Type: ACT_GATHER_INFO |
| 2014-11-08 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2013-0196.nasl - Type: ACT_GATHER_INFO |
| 2014-11-08 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2013-0197.nasl - Type: ACT_GATHER_INFO |
| 2014-03-31 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-2890.nasl - Type: ACT_GATHER_INFO |
| 2014-02-10 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-2857.nasl - Type: ACT_GATHER_INFO |
| 2014-01-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-2842.nasl - Type: ACT_GATHER_INFO |
| 2013-01-24 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2013-0192.nasl - Type: ACT_GATHER_INFO |
| 2013-01-24 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2013-0193.nasl - Type: ACT_GATHER_INFO |
| 2012-06-29 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-2504.nasl - Type: ACT_GATHER_INFO |
