CVE Reference: CVE-2012-1833

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2012-1833

Description:
VMware SpringSource Grails before 1.3.8, and 2.x before 2.0.2, does not properly restrict data binding, which might allow remote attackers to bypass intended access restrictions and modify arbitrary object properties via a crafted request parameter to an application.

CVE Status:
Candidate

References:

SAID
  Secunia Advisory: SA51113

CONFIRM
  http://support.springsource.com/security/cve-2012-1833

BID
  55763


Return to the previous page.