High severity7.5CISA KEVNVD Advisory· Published Mar 30, 2006· Updated Apr 16, 2026
CVE-2006-1547
CVE-2006-1547
Description
ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
struts:strutsMaven | < 1.2.9 | 1.2.9 |
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- struts.apache.org/struts-doc-1.2.9/userGuide/release-notes.htmlnvdBroken LinkExploitPatchVendor AdvisoryWEB
- securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB EntryWEB
- www.securityfocus.com/bid/17342nvdBroken LinkThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/25613nvdThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-7qwv-cwgj-c8rjghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2006-1547ghsaADVISORY
- issues.apache.org/bugzilla/show_bug.cginvdIssue TrackingPermissions RequiredWEB
- lists.suse.com/archive/suse-security-announce/2006-May/0004.htmlnvdBroken LinkWEB
- secunia.com/advisories/19493nvdBroken LinkWEB
- secunia.com/advisories/20117nvdBroken LinkWEB
- www.vupen.com/english/advisories/2006/1205nvdBroken Link
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government ResourceWEB
News mentions
0No linked articles in our index yet.