← Zuruck zu CVEs
CVE-2015-0132
N/ABeschreibung
The XML parser in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5 and 4.x before 4.0.7 iFix3 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht3/18/2015
Zuletzt geandert5/6/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
ibm:rational_doors_next_generationibm:rational_requirements_composer
Schwachen (CWE)
CWE-399
Referenzen
http://www-01.ibm.com/support/docview.wss?uid=swg21698248(psirt@us.ibm.com)
http://www-01.ibm.com/support/docview.wss?uid=swg21698248(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.