CVE-2015-3253 in Communications Converged Application Server Service Controllerinfo

Summary

The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

04/10/2015

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
153301Oracle Communications Converged Application Server Service Controller Admin Console injection74Not definedOfficial fixCVE-2015-3253
133587Oracle Data Integrator Apache Groovy injection74Not definedOfficial fixCVE-2015-3253
111953Oracle Communications BRM Elastic Charging injection74Not definedOfficial fixCVE-2015-3253
108013Oracle Communications WebRTC Session Controller Apache Groovy injection74Not definedOfficial fixCVE-2015-3253
103904Oracle Communications BRM Apache Groovy injection74Not definedOfficial fixCVE-2015-3253
103787Oracle Enterprise Data Quality Apache Groovy injection74Not definedOfficial fixCVE-2015-3253
95554Oracle Big Data Graph Spatial injection74Not definedOfficial fixCVE-2015-3253
92996Oracle Retail Merchandising Insights Security injection74Not definedOfficial fixCVE-2015-3253
92995Oracle Retail Customer Insights Security injection74Not definedOfficial fixCVE-2015-3253
92994Oracle Commerce Platform Dynamo Application injection74Not definedOfficial fixCVE-2015-3253
92964Oracle Agile PLM Event Java PX injection74Not definedOfficial fixCVE-2015-3253
92780Oracle Big Data Discovery Data Processing injection74Not definedOfficial fixCVE-2015-3253
90030Oracle Retail Store Inventory Management SIMINT injection74Not definedOfficial fixCVE-2015-3253
90029Oracle Retail Service Backbone Install injection74Not definedOfficial fixCVE-2015-3253
90028Oracle Retail Order Broker System Administration injection74Not definedOfficial fixCVE-2015-3253
90014Oracle Health Sciences Clinical Development Center Installation/configuration injection74Not definedOfficial fixCVE-2015-3253
82590Oracle WebCenter Sites injection74Not definedOfficial fixCVE-2015-3253
77083Apache Groovy MethodClosure.java MethodClosure injection74Not definedNot definedCVE-2015-3253

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!