Announcement Announcement Module
Collapse
No announcement yet.
CVE-2010-1622 - Spring Framework execution of arbitrary code Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • CVE-2010-1622 - Spring Framework execution of arbitrary code

    Several of our Applications uses spring framework. All of our applications uses IOC Container and AOP modules of the Spring and not MVC module

    Does it mean still our application is subjected to Spring Framework execution of arbitrary code issue - http://www.springsource.com/security/cve-2010-1622 ?

    Based on the description and example provided on this issue, it sounds that application is subjected to attack, only if it uses MVC module. Is the statement is true? If it is the case, then should we have to upgrade the applications to 3.0.3 (where fix is applied).

    Appreciate your response. Thanks.
Working...
X