Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Regarding CVE-2014-0114 in Struts-1.2.9.jar - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Regarding CVE-2014-0114 in Struts-1.2.9.jar

We have used struts-1.2.9.jar in our project. I found CVE-2014-0114 vulnerability in this jar.
While looking for the possible solutions for these I found that Struts 1.x has had its End-Of-Life announcement one year ago and upgrades are available for it on Linux systems. But my application runs on windows.

Can you please suggest me possible fix/alternates to get rid of this vulnerability.

Thanks in advance!

Sign Up for Free or Log In to start participating in the conversation!