ID CVE-2015-0254
Summary Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) <x:parse> or (2) <x:transform> JSTL XML tag. CWE-611: Improper Restriction of XML External Entity Reference ('XXE') (http://cwe.mitre.org/data/definitions/611.html)
Vulnerable Configurations
  • cpe:2.3:a:apache:standard_taglibs:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 25-03-2019 - 11:34)
CWE NVD-CWE-Other
CAPEC
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: PARTIAL
  Integrity: PARTIAL
  Availability: PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • bugzilla
    id 1198606
    title CVE-2015-0254 jakarta-taglibs-standard: XXE and RCE via XSL extension in JSTL XML tags
    oval
    OR
    • AND
      • OR
        • comment Red Hat Enterprise Linux 6 Client is installed
          oval oval:com.redhat.rhba:tst:20111656001
        • comment Red Hat Enterprise Linux 6 Server is installed
          oval oval:com.redhat.rhba:tst:20111656002
        • comment Red Hat Enterprise Linux 6 Workstation is installed
          oval oval:com.redhat.rhba:tst:20111656003
        • comment Red Hat Enterprise Linux 6 ComputeNode is installed
          oval oval:com.redhat.rhba:tst:20111656004
      • OR
        • AND
          • comment jakarta-taglibs-standard is earlier than 0:1.1.1-11.7.el6_7
            oval oval:com.redhat.rhsa:tst:20151695007
          • comment jakarta-taglibs-standard is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151695008
        • AND
          • comment jakarta-taglibs-standard-javadoc is earlier than 0:1.1.1-11.7.el6_7
            oval oval:com.redhat.rhsa:tst:20151695005
          • comment jakarta-taglibs-standard-javadoc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151695006
    • AND
      • OR
        • comment Red Hat Enterprise Linux 7 Client is installed
          oval oval:com.redhat.rhba:tst:20150364001
        • comment Red Hat Enterprise Linux 7 Server is installed
          oval oval:com.redhat.rhba:tst:20150364002
        • comment Red Hat Enterprise Linux 7 Workstation is installed
          oval oval:com.redhat.rhba:tst:20150364003
        • comment Red Hat Enterprise Linux 7 ComputeNode is installed
          oval oval:com.redhat.rhba:tst:20150364004
      • OR
        • AND
          • comment jakarta-taglibs-standard is earlier than 0:1.1.2-14.el7_1
            oval oval:com.redhat.rhsa:tst:20151695014
          • comment jakarta-taglibs-standard is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151695008
        • AND
          • comment jakarta-taglibs-standard-javadoc is earlier than 0:1.1.2-14.el7_1
            oval oval:com.redhat.rhsa:tst:20151695013
          • comment jakarta-taglibs-standard-javadoc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151695006
    rhsa
    id RHSA-2015:1695
    released 2015-08-31
    severity Important
    title RHSA-2015:1695: jakarta-taglibs-standard security update (Important)
  • rhsa
    id RHSA-2016:1376
  • rhsa
    id RHSA-2016:1838
  • rhsa
    id RHSA-2016:1839
  • rhsa
    id RHSA-2016:1840
  • rhsa
    id RHSA-2016:1841
rpms
  • jakarta-taglibs-standard-0:1.1.1-11.7.el6_7
  • jakarta-taglibs-standard-javadoc-0:1.1.1-11.7.el6_7
  • jakarta-taglibs-standard-0:1.1.2-14.el7_1
  • jakarta-taglibs-standard-javadoc-0:1.1.2-14.el7_1
refmap via4
bid 72809
bugtraq 20150227 [SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags
confirm http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
misc http://packetstormsecurity.com/files/130575/Apache-Standard-Taglibs-1.2.1-XXE-Remote-Command-Execution.html
mlist
  • [tomcat-dev] 20190319 svn commit: r1855831 [27/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
  • [tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
  • [tomcat-taglibs-user] 20150227 [SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags
sectrack 1034934
suse openSUSE-SU-2015:1751
ubuntu USN-2551-1
Last major update 25-03-2019 - 11:34
Published 09-03-2015 - 14:59