CVE-2014-3481

2014-07-07T10:55:03
ID CVE-2014-3481
Type cve
Reporter NVD
Modified 2017-08-28T21:34:45

Description

org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat JBoss Enterprise Application Platform (JEAP) before 6.2.4 enables entity expansion, which allows remote attackers to read arbitrary files via unspecified vectors, related to an XML External Entity (XXE) issue.