Apache Axis2 is prone to a security vulnerability that may result in information-disclosure or denial-of-service conditions. An attacker can exploit this vulnerability to obtain potentially sensitive information by including local and external files on computers running the vulnerable application or by causing denial-of- service conditions other attacks are also possible. The issue affects versions prior to 1.5.2 and 1.6.
The vendor has released fixes. Please see the references for more information.
Updated on 2017-03-28