CVE-2016-1181

NameCVE-2016-1181
DescriptionActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium (attack range: remote)

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libstruts1.2-javasource(unstable)(unfixed)medium

Notes

[wheezy] - libstruts1.2-java <no-dsa> (basically fixed in CVE-2015-0899)
https://jvn.jp/en/jp/JVN03188560/
Two conditions must be met to exploit this vulnerability
condition one is already fixed in CVE-2015-0899, so everything is fine
condition two can be fixed by the following patch:
https://github.com/kawasima/struts1-forever/commit/eda3a79907ed8fcb0387a0496d0cb14332f250e8
but as this completely deactivates multipart requests, this should not be generally applied

Search for package or bug name: Reporting problems