Vulnerability Recommended Actions
If you are using iControl Assembly 11.2 and earlier, the Apache axis.jar file is vulnerable to CVE-2012-5784. To eliminate this vulnerability, upgrade to iControl Assembly 11.3. To do so, download the latest version of the iControl Assembly package at <https://devcentral.f5.com/community/group/aft/1172123/asg/2>.
Note: A separate DevCentral login is required to access this content.
Acknowledgements
F5 would like to acknowledge Brian Keefer of Proofpoint.com for bringing this issue to our attention, and for following the highest standards of responsible disclosure.
Supplemental Information
support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html
support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html
support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html
support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html
support.f5.comcve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5784