Apache Struts Remote Command Execution and Arbitrary File Overwrite Vulnerabilities

Apache Struts is prone to an arbitrary file-overwrite vulnerability and a remote command execution vulnerability.

Successful exploits will allow attackers to overwrite arbitrary files on the affected computer and execute arbitrary commands with the privileges of the user running the affected application.

Versions prior to Apache Struts 2.3.1.1 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus