Spring Framework CVE-2013-6429 Multiple XML External Entity Injection Vulnerabilities

Bugtraq ID: 64947
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2013-6429
Remote: Yes
Local: No
Published: Jan 14 2014 12:00AM
Updated: Nov 24 2016 01:09AM
Credit: Spring development team.
Vulnerable: Redhat JBoss Fuse 6.0.0
Redhat JBoss A-MQ 6.0.0
IBM Websphere Portal 8.5
IBM Websphere Portal 8.0
IBM Websphere Portal 8.0.0.1
HP SiteScope Monitors 11.32IP1
HP SiteScope Monitors 11.20
GoPivotal Spring Framework (Spring MVC) 4.0.0.RC1
GoPivotal Spring Framework (Spring MVC) 4.0.0.M2
GoPivotal Spring Framework (Spring MVC) 4.0.0.M1
GoPivotal Spring Framework (Spring MVC) 3.2.4
GoPivotal Spring Framework (Spring MVC) 3.2.3
GoPivotal Spring Framework (Spring MVC) 3.0.0
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable: Redhat JBoss Fuse 6.1.0
Redhat JBoss A-MQ 6.1.0
GoPivotal Spring Framework (Spring MVC) 4.0
GoPivotal Spring Framework (Spring MVC) 3.2.5


 

Privacy Statement
Copyright 2010, SecurityFocus