APP: VMware SpringSource Spring Framework class.classloader Remote Code Execution
This signature detects attempts to exploit a known remote code execution vulnerability in VMware SpringSource. It is due to a design weakness in the Web application framework. A remote attacker can leverage this weakness by sending a crafted HTTP request to a target system. A successful attack results in arbitrary code execution.
Extended Description
Spring Framework is prone to a remote code-injection vulnerability. An attacker can exploit this issue to inject and execute arbitrary malicious Java code within the context of the affected application. Successful exploits will compromise the affected application and the underlying system; other attacks are also possible. Versions of Spring Framework prior to 3.03, 2.5.6.SEC02, and 2.5.7.SR01 are vulnerable.
Affected Products
Apache_software_foundation geronimo
Short Name
APP:VMWARE-SPRING-CLASSLOADER
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
CVE-2010-1622 Code Execution Framework Remote Spring SpringSource VMware bid:40954 class.classloader
Release Date
10/01/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Apache_software_foundation
Red_hat
Springsource
CVSS Score
6.0