CVE-2016-1181

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-1181

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-1181.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-1181

Aliases

GHSA-7jw3-5q4w-89qg

Published

2016-07-04T22:59:01Z

Modified

2024-09-03T00:02:59Z

Severity

8.1 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899.

References

Affected packages

Git / github.com/apache/struts1

Affected ranges

Type: GIT
Repo: https://github.com/apache/struts1
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

11c038edcbc39fc7dd33a9c4e153449dcd0e4ce6

Last affected

18034701406a19516c921c77c5014ec78e821be8

Last affected

2f31da8d6315acf6f8e9bf44250345d1d9363f85

Last affected

373154027c65ff19595d954c07ab0e36e93e9c5b

Last affected

413367e9ffa791a0225df784dce47e457febe56e

Last affected

432ca08cb5f436f290ab3dcaa9267739cf8f6f89

Last affected

4826731bfd429307a0e19bb602cdaca2b5d31b16

Last affected

49dabf9f94b996d78577ef596ac324411c389f6b

Last affected

69785ef41e6e62e7c7229ce3a82e4acbe175f7a1

Last affected

6d8a0611c2dc40080bf5bc436d09f7e264efe5d9

Last affected

6f05d0d49774a7dbab2903e5aee8a2a0d8f3cee8

Last affected

80320efbf7bc35d9e14c3caf4d262a2a198a7fe3

Last affected

804ae5cf5ef8c7dac1d44ef7819ff35ad86a81a7

Last affected

8afe64135d328af0ed6b4f44c28c9596cc678b2c

Last affected

910e9dac28714ff2fbeeb361f0e52c14d6145b1b

Last affected

934faaaf4ddbe38a30a62ae8fc7e58d2dba90ea2

Last affected

96831d6a8b8e4e84a4d3ba39836daef3a7d525c9

Last affected

99c6c7e4fb50a0e5c5b616e7590273d3e47f0596

Last affected

b518964f836cc7e92bfc8a182a9b33fa1d8f0d37

Last affected

bdbf6120a767c1ce000390b2cf953eaf3dabd478

Last affected

d5e1453607684e48e24f51dd3febbf7ab0b5241c

Last affected

e5b1aa84f9057ed10b031fcc5c1b63329e943e8a

Last affected

e5fc9a70d4d586a5215cc74cacfc327490f06caf

Last affected

eb268ce7a2ebd58b1ca084ecca4682bcbc7cfcaf

Last affected

fac67d636cbf723cb3d756d1138429350de4a2ee

Type: GIT
Repo: https://github.com/kawasima/struts1-forever
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

eda3a79907ed8fcb0387a0496d0cb14332f250e8