Published: 21/03/2014 Updated: 13/02/2023

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The XSLT component in Apache Camel 2.11.x prior to 2.11.4, 2.12.x prior to 2.12.3, and possibly earlier versions allows remote malicious users to execute arbitrary Java methods via a crafted message.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache camel 1.1.0
apache camel 2.0.0
apache camel 1.4.0
apache camel 2.10.6
apache camel
apache camel 1.2.0
apache camel 1.6.2
apache camel 2.10.0
apache camel 2.11.0
apache camel 2.10.7
apache camel 1.0.0
apache camel 2.10.4
apache camel 1.5.0
apache camel 2.11.2
apache camel 2.10.1
apache camel 1.6.1
apache camel 1.6.4
apache camel 2.10.3
apache camel 2.10.5
apache camel 1.6.0
apache camel 1.3.0
apache camel 2.11.1
apache camel 1.6.3
apache camel 2.1.0
apache camel 2.10.2
apache camel 2.12.1
apache camel 2.12.0
apache camel 2.12.2

The XSLT component in Apache Camel 211x before 2114, 212x before 2123, and possibly earlier versions allows remote attackers to execute arbitrary Java methods via a crafted message ...

CWE-264 http://secunia.com/advisories/57125 http://camel.apache.org/security-advisories.data/CVE-2014-0003.txt.asc http://www.securityfocus.com/bid/65902 http://rhn.redhat.com/errata/RHSA-2014-0254.html http://rhn.redhat.com/errata/RHSA-2014-0245.html http://secunia.com/advisories/57716 http://rhn.redhat.com/errata/RHSA-2014-0371.html http://secunia.com/advisories/57719 http://rhn.redhat.com/errata/RHSA-2014-0372.html https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d%40%3Ccommits.camel.apache.org%3E https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf%40%3Ccommits.camel.apache.org%3E https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2014-0003

CVE-2014-0003

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect