← Back to CVEs
CVE-2015-0132
N/ADescription
The XML parser in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5 and 4.x before 4.0.7 iFix3 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
CVE Details
CVSS v3.1 ScoreN/A
Published3/18/2015
Last Modified5/6/2026
Sourcenvd
Honeypot Sightings0
Affected Products
ibm:rational_doors_next_generationibm:rational_requirements_composer
Weaknesses (CWE)
CWE-399
References
http://www-01.ibm.com/support/docview.wss?uid=swg21698248(psirt@us.ibm.com)
http://www-01.ibm.com/support/docview.wss?uid=swg21698248(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.