Описание
Apache Santuario XML Security for Java before 1.5.6, when applying Transforms, allows remote attackers to cause a denial of service (memory consumption) via crafted Document Type Definitions (DTDs), related to signatures.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libxml-security-java | fixed | 1.5.6-1 | package | |
| libxml-security-java | no-dsa | squeeze | package | |
| libxml-security-java | no-dsa | wheezy | package |
Примечания
http://santuario.apache.org/secadv.data/cve-2013-4517.txt.asc
EPSS
Связанные уязвимости
Apache Santuario XML Security for Java before 1.5.6, when applying Transforms, allows remote attackers to cause a denial of service (memory consumption) via crafted Document Type Definitions (DTDs), related to signatures.
Apache Santuario XML Security for Java before 1.5.6, when applying Transforms, allows remote attackers to cause a denial of service (memory consumption) via crafted Document Type Definitions (DTDs), related to signatures.
Apache Santuario XML Security for Java before 1.5.6, when applying Transforms, allows remote attackers to cause a denial of service (memory consumption) via crafted Document Type Definitions (DTDs), related to signatures.
Improper Input Validation in Apache Santuario XML Security
Уязвимость платформы для обеспечения стандартов безопасности для XML Apache Santuario XML Security for Java, связанная с ошибками управления ресурсом, позволяющая нарушителю вызвать отказ в обслуживании
EPSS