oval:org.mitre.oval:def:24735

Definition Id: oval:org.mitre.oval:def:24735
 
Oval ID: oval:org.mitre.oval:def:24735
Title: RHSA-2014:0474: struts security update (Important)
Description: Apache Struts is a framework for building web applications with Java. It was found that the Struts 1 ActionForm object allowed access to the 'class' parameter, which is directly mapped to the getClass() method. A remote attacker could use this flaw to manipulate the ClassLoader used by an application server running Struts 1. This could lead to remote code execution under certain conditions. (CVE-2014-0114) All struts users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using struts must be restarted for this update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0474-00
CESA-2014:0474
CVE-2014-0114
Version: 3
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): struts
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15802
 
Oval ID: oval:org.mitre.oval:def:15802
Title: The operating system installed on the system is CentOS Linux 5.x
Description: The operating system installed on the system is CentOS Linux 5.x
Family: unix Class: inventory
Reference(s): cpe:/o:centos:centos:5
Version: 7
Platform(s): CentOS Linux 5
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:24735
Definition Id: oval:org.mitre.oval:def:11414
 
Oval ID: oval:org.mitre.oval:def:11414
Title: The operating system installed on the system is Red Hat Enterprise Linux 5
Description: The operating system installed on the system is Red Hat Enterprise Linux 5.
Family: unix Class: inventory
Reference(s): cpe:/o:redhat:enterprise_linux:5
Version: 7
Platform(s): Red Hat Enterprise Linux 5
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:24735