CVE-2010-1622 in Oracle and Springsource Products
Published on June 21, 2010

SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file.

Vendor Advisory NVD

Products Associated with CVE-2010-1622

stack.watch emails you whenever new vulnerabilities are published in Oracle Fusion Middleware or Springsource Spring Framework. Just hit a watch button to start following.

Oracle Fusion Middleware

Springsource Spring Framework

Exploit Probability

EPSS

1.86%

Percentile

82.76%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2010-1622 in Oracle and Springsource ProductsPublished on June 21, 2010

Products Associated with CVE-2010-1622

Exploit Probability

CVE-2010-1622 in Oracle and Springsource Products
Published on June 21, 2010