← Retour aux CVEs
CVE-2015-0132
N/ADescription
The XML parser in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5 and 4.x before 4.0.7 iFix3 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
Details CVE
Score CVSS v3.1N/A
Publie3/18/2015
Derniere modification5/6/2026
Sourcenvd
Observations honeypot0
Produits affectes
ibm:rational_doors_next_generationibm:rational_requirements_composer
Faiblesses (CWE)
CWE-399
References
http://www-01.ibm.com/support/docview.wss?uid=swg21698248(psirt@us.ibm.com)
http://www-01.ibm.com/support/docview.wss?uid=swg21698248(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.