Source |
McAfee Labs |
Identifiant |
705938 |
Date de publication |
2017-07-19 19:56:05 (vue: 2018-06-15 13:27:59) |
Titre |
Analyzing CVE-2017-9791: Apache Struts Vulnerability Can Lead to Remote Code Execution |
Texte |
Apache Struts is a model-view-controller framework for creating Java web applications. Struts has suffered from a couple of vulnerabilities using the technique of object-graph navigation language (OGNL) injection. OGNL is an expression language that allows the setting of object properties and execution of various methods of Java classes. OGNL can be used maliciously to perform …
|
Envoyé |
Oui |
Condensat |
2017 9791: allows analyzing apache appeared applications blogs can classes code controller couple creating cve execution expression first framework from graph has injection java language lead maliciously mcafee methods model navigation object ognl perform post properties remote setting struts suffered technique used using various view vulnerabilities vulnerability web |
Tags |
|
Stories |
|
Notes |
★★★
|
Move |
|