Overview
CVE Id | CVE-2011-2730
Last Modified | 17 Jan 2015 09:59:04
Published | 05 Dec 2012 12:55:01
Access Vector | NETWORK
Access Complexity | LOW
Authentication | NONE

CVE-2011-2730
Summary
VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information, aka "Expression Language Injection." The servlet container evaluates a tag attribute once, and the Spring tag then passes the resulting string through its own EL evaluator. An attacker-controlled value that reaches one of the attributes below (for example a request parameter bound with ${param.x}) is therefore evaluated as EL on the second pass and can read server-side objects such as the application and session scopes. The double-evaluated tag attributes are:
spring:hasBindErrors: name
spring:bind: path
spring:nestedPath: path
spring:message: arguments, code, text, var, scope, message
spring:theme: arguments, code, text, var, scope, message
spring:transform: var, scope, value
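As an added triage example (written for this page; it is not Spring's code and not taken from the vendor advisory): a small Python script that scans JSPs for the double-evaluated tag attributes listed in the summary whose value is produced by the container at request time, which is the pattern the second evaluation needs in order to see attacker input, and that checks a web.xml for the springJspExpressionSupport=false context parameter the vendor advisory gives for switching off Spring-side EL evaluation on Servlet 2.4+ containers when an upgrade to a fixed version is not immediately possible. The JSP and web.xml inputs are constructed samples, and the regex-based tag parsing is a triage heuristic rather than a JSP parser: every hit still needs a human check that the expression really carries request data.

```python
"""Triage helper for CVE-2011-2730 (Spring JSP tag EL double evaluation).

Constructed example: not Spring's code and not from the advisory.
Finds Spring tag attributes that Spring evaluates a second time and that are
fed by a container-evaluated expression, and checks whether web.xml turns
Spring-side EL evaluation off via the springJspExpressionSupport parameter."""
import re
import xml.etree.ElementTree as ET

# Tag -> attributes listed in the CVE as double-evaluated (tag names lowercased).
DOUBLE_EVALUATED = {
    "hasbinderrors": {"name"},
    "bind": {"path"},
    "nestedpath": {"path"},
    "message": {"arguments", "code", "text", "var", "scope", "message"},
    "theme": {"arguments", "code", "text", "var", "scope", "message"},
    "transform": {"var", "scope", "value"},
}

# Opening <spring:...> tag; quoted attribute values may contain '>' (scriptlets).
TAG_RE = re.compile(r"""<spring:(\w+)\b((?:"[^"]*"|'[^']*'|[^>"'])*)>""")
ATTR_RE = re.compile(r"""(\w+)\s*=\s*(?:"([^"]*)"|'([^']*)')""")
# Values the container evaluates first: JSP EL (${..}, #{..}) or a scriptlet <%= %>.
DYNAMIC_RE = re.compile(r"\$\{|#\{|<%=")


def find_double_eval(jsp_text, filename="page.jsp"):
    """Return (file, line, tag, attribute, value) for each watched attribute
    whose value is produced at request time. A static literal such as
    code="page.title" is evaluated twice too, but yields nothing an attacker
    controls, so it is not reported."""
    findings = []
    for m in TAG_RE.finditer(jsp_text):
        tag, attrs = m.group(1), m.group(2)
        watched = DOUBLE_EVALUATED.get(tag.lower())
        if not watched:
            continue
        line = jsp_text.count("\n", 0, m.start()) + 1
        for a in ATTR_RE.finditer(attrs):
            name = a.group(1)
            value = a.group(2) if a.group(2) is not None else a.group(3)
            if name in watched and DYNAMIC_RE.search(value):
                findings.append((filename, line, tag, name, value))
    return findings


def spring_el_disabled(web_xml_text):
    """True when web.xml sets springJspExpressionSupport to false (the switch the
    vendor advisory gives for disabling Spring-side EL evaluation on Servlet 2.4+).
    The namespace on the web-app element is ignored."""
    root = ET.fromstring(web_xml_text)
    for elem in root.iter():
        if elem.tag.rpartition("}")[2] != "context-param":
            continue
        params = {c.tag.rpartition("}")[2]: (c.text or "").strip() for c in elem}
        if params.get("param-name") == "springJspExpressionSupport":
            return params.get("param-value", "").lower() == "false"
    return False


# Constructed sample JSP: lines 3, 4 and 8 feed a double-evaluated attribute
# from request data; lines 2 and 7 use static literals.
SAMPLE_JSP = """<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<spring:message code="page.title"/>
<spring:message text="${param.greeting}" var="greeting"/>
<spring:bind path="${param.field}">
  <c:out value="${status.value}"/>
</spring:bind>
<spring:nestedPath path="customer.address"/>
<spring:transform value='<%= request.getParameter("v") %>'/>
"""

# Constructed web.xml with the mitigation applied.
SAMPLE_WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5">
  <context-param>
    <param-name>springJspExpressionSupport</param-name>
    <param-value>false</param-value>
  </context-param>
</web-app>
"""

if __name__ == "__main__":
    for f, line, tag, attr, value in find_double_eval(SAMPLE_JSP):
        print(f"{f}:{line}: <spring:{tag} {attr}={value!r}> is evaluated twice")
    print("springJspExpressionSupport=false:", spring_el_disabled(SAMPLE_WEB_XML))
```

Run it over a checkout with the sample strings replaced by file contents; the scanner reports the three dynamic attributes in the sample and treats the static code and path literals as noise. The web.xml check is only a stopgap indicator: the fix the advisory points to is upgrading to 2.5.6.SEC03, 2.5.7.SR023 or 3.0.6, and the parameter matters only on Servlet 2.4+ containers where the container already performs EL evaluation.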
Vulnerable Systems
Application
Springsource Spring Framework 2.5.0
Springsource Spring Framework 2.5.1
Springsource Spring Framework 2.5.2
Springsource Spring Framework 2.5.3
Springsource Spring Framework 2.5.4
Springsource Spring Framework 2.5.5
Springsource Spring Framework 2.5.6
Springsource Spring Framework 2.5.7
Springsource Spring Framework 2.5.7 Sr01
Springsource Spring Framework 3.0.0
Springsource Spring Framework 3.0.1
Springsource Spring Framework 3.0.2
Springsource Spring Framework 3.0.3
Springsource Spring Framework 3.0.4
Springsource Spring Framework 3.0.5
References
MISC - https://docs.google.com/document/d/1dc1xxO8UMFaGLOwgkykYdghGWm_2Gn0iCrxFsympqcE/edit
DEBIAN - DSA-2504
CONFIRM - http://support.springsource.com/security/cve-2011-2730
MISC - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814
SECUNIA - 52054
SECUNIA - 51984
REDHAT - RHSA-2013:0221
REDHAT - RHSA-2013:0198
REDHAT - RHSA-2013:0197
REDHAT - RHSA-2013:0196
REDHAT - RHSA-2013:0195
REDHAT - RHSA-2013:0194
REDHAT - RHSA-2013:0193
REDHAT - RHSA-2013:0192
REDHAT - RHSA-2013:0191
SECTRACK - 1029151
SECUNIA - 55155
REDHAT - RHSA-2013:0533
Last Updated: 27 May 2016 11:01:27