TROYANOSYVIRUS
Retour aux CVEs

CVE-2014-3530

N/A

Description

The org.picketlink.common.util.DocumentUtil.getDocumentBuilderFactory method in PicketLink, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 5.2.0 and 6.2.4, expands entity references, which allows remote attackers to read arbitrary code and possibly have other unspecified impact via unspecified vectors, related to an XML External Entity (XXE) issue.

Details CVE

Score CVSS v3.1N/A
Publie7/22/2014
Derniere modification4/12/2025
Sourcenvd
Observations honeypot0

Produits affectes

redhat:jboss_enterprise_application_platform

Faiblesses (CWE)

CWE-200

References

http://rhn.redhat.com/errata/RHSA-2014-0883.html(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2014-0884.html(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2014-0885.html(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2014-0886.html(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2015-0091.html(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2015-0675.html(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2015-0720.html(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2015-0765.html(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2015-1888.html(secalert@redhat.com)
http://secunia.com/advisories/60047(secalert@redhat.com)
http://secunia.com/advisories/60124(secalert@redhat.com)
http://www.securitytracker.com/id/1030607(secalert@redhat.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/94700(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2014-0883.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2014-0884.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2014-0885.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2014-0886.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2015-0091.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2015-0675.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2015-0720.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2015-0765.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2015-1888.html(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/60047(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/60124(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1030607(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/94700(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.