Apache Struts Incomplete Fix Remote Code Execution Vulnerability

Bugtraq ID: 91277
Class: Input Validation Error
CVE: CVE-2016-4461
Remote: Yes
Local: No
Published: Jun 17 2016 12:00AM
Updated: Oct 17 2017 06:03PM
Credit: Alvaro Munoz alvaro dot munoz at hpe.com
Vulnerable: Apache Struts 2.3.28
Apache Struts 2.3.24
Apache Struts 2.3.4 1
Apache Struts 2.3.4
Apache Struts 2.2.3
Apache Struts 2.2.1 1
Apache Struts 2.2
Apache Struts 2.1.8 .1
Apache Struts 2.1.8
Apache Struts 2.1.6
Apache Struts 2.1.5
Apache Struts 2.1.2
Apache Struts 2.1.1
Apache Struts 2.1.1
Apache Struts 2.1
Apache Struts 2.0.14
Apache Struts 2.0.12
Apache Struts 2.0.11 .2
Apache Struts 2.0.11 .1
Apache Struts 2.0.11
Apache Struts 2.0.10
Apache Struts 2.0.9
Apache Struts 2.0.8
Apache Struts 2.0.7
Apache Struts 2.0.6
Apache Struts 2.0.5
Apache Struts 2.0.4
Apache Struts 2.0.3
Apache Struts 2.0.2
Apache Struts 2.0.1
Apache Struts 2.0
Apache Struts 2.3.8
Apache Struts 2.3.7
Apache Struts 2.3.28.1
Apache Struts 2.3.24.3
Apache Struts 2.3.24.2
Apache Struts 2.3.24.1
Apache Struts 2.3.20.3
Apache Struts 2.3.20.2
Apache Struts 2.3.20.1
Apache Struts 2.3.20
Apache Struts 2.3.16.3
Apache Struts 2.3.16.2
Apache Struts 2.3.16.1
Apache Struts 2.3.16
Apache Struts 2.3.15.3
Apache Struts 2.3.15.2
Apache Struts 2.3.15.1
Apache Struts 2.3.15
Apache Struts 2.3.14.3
Apache Struts 2.3.14.2
Apache Struts 2.3.14.1
Apache Struts 2.3.14
Apache Struts 2.3.1.2
Apache Struts 2.3.1.1
Apache Struts 2.3.1
Apache Struts 2.2.3.1
Apache Struts 2.1.4
Apache Struts 2.1.3
Apache Struts 2.0.13
Not Vulnerable: Apache Struts 2.5.1
Apache Struts 2.3.29


 

Privacy Statement
Copyright 2010, SecurityFocus