
VMware SpringSource Spring Framework class.classloader Remote Code Execution (CVE-2010-1622)


Check Point Reference: CPAI-2011-281
Date Published:
Severity:
Source: Secunia Advisory SA40260
Industry Reference(s): CVE-2010-1622
Protection Provided by: Security Gateway
  • R75
Who is Vulnerable?
SpringSource Spring Framework 3.0.0 through 3.0.2
SpringSource Spring Framework 2.5.0 through 2.5.6.SEC01
SpringSource Spring Framework 2.5.0 through 2.5.7
Vulnerability Description
A vulnerability has been reported in Spring Framework. It is caused by an error in the mechanism used to update the properties of an object with client-provided data. This protection detects and blocks attempts to execute an arbitrary code injection.
Vulnerability Details
A vulnerability has been reported in Spring Framework that can allow attackers to compromise a vulnerable system. It is caused by an error in the mechanism used to update the properties of an object with client-provided data. Successful exploitation allows execution of arbitrary code.

Protection Overview
This protection detects and blocks attempts to execute an arbitrary code injection.

To configure the defense, select your product from the list below and follow the related protection steps.

Security Gateway R75

How Can I Protect My Network?

  1. In the IPS tab, click Protections, find the protection VMware SpringSource Spring Framework class.classloader Remote Code Execution using the Search mechanism, and Edit the protection's settings.
  2. Install policy on all modules.

How Do I Know if My Network is Under Attack?

SmartView Tracker will log the following entries:
Attack Name: Application Servers Protection Violation 
Attack information:VMware SpringSource Spring Framework class.classloader remote code execution
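
As a complement to the gateway log entries above, the following added example (not Check Point's or Spring's code) scans web-server access logs for request parameter names whose property path goes through `class` to `classLoader`, the path named in this protection's title. The combined-log format, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote_plus, urlsplit

_INDEX = re.compile(r"\[[^\]]*\]")  # strips [index] / [key] suffixes

def _decode(text, rounds=3):
    """URL-decode repeatedly so double-encoded names are normalised."""
    for _ in range(rounds):
        decoded = unquote_plus(text)
        if decoded == text:
            break
        text = decoded
    return text

def suspicious_params(raw_query):
    """Return parameter names whose property path walks class -> classLoader."""
    hits = []
    for pair in re.split(r"[&;]", raw_query):
        if not pair:
            continue
        name = _decode(pair.split("=", 1)[0])
        segments = [_INDEX.sub("", s).strip().lower() for s in name.split(".")]
        if any(a == "class" and b == "classloader"
               for a, b in zip(segments, segments[1:])):
            hits.append(name)
    return hits

def scan_access_log(lines):
    """Return (line_number, parameter_names) for each request line with a hit."""
    results = []
    for n, line in enumerate(lines, 1):
        m = re.search(r'"[A-Z]+ (\S+) HTTP/', line)
        if m:
            hits = suspicious_params(urlsplit(m.group(1)).query)
            if hits:
                results.append((n, hits))
    return results

# Constructed sample lines (combined-log style); all values are placeholders.
SAMPLE = [
    '192.0.2.10 - - [01/Jan/2011:10:00:00 +0000] "GET /app/edit?name=bob&age=3 HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/Jan/2011:10:00:05 +0000] "POST /app/edit?class.classLoader.example=placeholder HTTP/1.1" 200 512',
    '192.0.2.12 - - [01/Jan/2011:10:00:09 +0000] "GET /app/edit?Class%2EclassLoader%2Ex=placeholder HTTP/1.1" 200 512',
    '192.0.2.13 - - [01/Jan/2011:10:00:12 +0000] "GET /app/edit?classroom.classLoaderName=ok HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for line_no, names in scan_access_log(SAMPLE):
        print(line_no, names)
```

Form-encoded POST bodies are not recorded in access logs; where the application or a proxy captures them, pass the body string to `suspicious_params` directly.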