| Name | CVE-2011-3923 |
| Description | Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| libstruts1.2-java | source | (unstable) | (not affected) |
- libstruts1.2-java <not-affected> (Only affects 2.x)
https://cwiki.apache.org/confluence/display/WW/S2-009
http://blog.o0o.nu/2012/01/cve-2011-3923-yet-another-struts2.html