What is CVE-2010-1632?

CVE-2010-1632 is a vulnerability in Apache Axis2, classified under Improper Input Validation. Published 2010-06-22.

Is CVE-2010-1632 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Improper input validation in Apache Axis2

CVE-2010-1632

Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.067 (91.4th percentile) — read the EPSS interpretation.

Affected products

Apache Axis2 — versions 1.3, 1.5, 1.4
Apache Geronimo
Apache Orchestration_director_engine
Apache Synapse
Apache Tuscany
Ibm Websphere_application_server — versions 7.0.0.5, 7.0.0.10, 7.0.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

Public proof-of-concept exploits

References

secalert@redhat.com (x_refsource_MISC)
secalert@redhat.com (x_refsource_CONFIRM)
PM14844 (vendor-advisory, x_refsource_AIXAPAR)
ADV-2010-1528 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
PM14765 (vendor-advisory, x_refsource_AIXAPAR)
ADV-2010-1531 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
secalert@redhat.com (x_refsource_CONFIRM)
PM14847 (vendor-advisory, x_refsource_AIXAPAR)
secalert@redhat.com (x_refsource_CONFIRM)
41025 (x_refsource_SECUNIA, third-party-advisory)

Frequently asked questions

What is CVE-2010-1632?: CVE-2010-1632 is a vulnerability in Apache Axis2, classified under Improper Input Validation. Published 2010-06-22.
Is CVE-2010-1632 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.