CVE-2014-1202: SoapUI: remote code execution when processing WSDL

Severity: Critical

CVSS Score: 9.3

The WSDL/WADL import functionality in SoapUI before 4.6.4 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file.