Lucene search
RedhatCVELIST:CVE-2014-0107HistoryApr 15, 2014 - 5:00 p.m.
CVE-2014-0107
2014-04-1517:00:00
redhat
raw.githubusercontent.com
2
The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function.
Related
redhat
redhat
nessus
nessus
Fedora 19 : xalan-j2-2.7.1-22.fc19 (2014-4426)
2014-04-07 00:00:00
openSUSE Security Update : xalan-j2 (openSUSE-SU-2014:0861-1)
2014-07-02 00:00:00
securityvulns
securityvulns
libxalan security vulnerabilities
2014-03-27 00:00:00
[SECURITY] [DSA 2886-1] libxalan2-java security update
2014-03-27 00:00:00
[oCERT-2014-002] Xalan-Java insufficient secure processing
2014-03-27 00:00:00
ibm
ibm
openvas
openvas
Fedora Update for xalan-j2 FEDORA-2014-4443
2014-04-08 00:00:00
Debian: Security Advisory (DSA-2886-1)
2014-03-25 00:00:00
Fedora Update for xalan-j2 FEDORA-2014-4426
2014-04-08 00:00:00
osv
osv
Improper Authorization in Apache Xalan-Java
2022-05-13 01:05:38
suse
suse
Security update for xalan-j2 (important)
2014-07-04 21:04:15
f5
f5
SOL15595 - Apache Xalan-Java vulnerability CVE-2014-0107
2014-09-15 00:00:00
K15595 : Apache Xalan-Java vulnerability CVE-2014-0107
2014-09-15 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: xalan-j2-2.7.1-22.fc20
2014-04-05 04:56:01
[SECURITY] Fedora 19 Update: xalan-j2-2.7.1-22.fc19
2014-04-05 04:53:40
veracode
veracode
Apache Xalan Remote Code Execution
2019-01-15 08:52:31
ubuntucve
ubuntucve
CVE-2014-0107
2014-04-15 00:00:00
debian
debian
[SECURITY] [DSA 2886-1] libxalan2-java security update
2014-03-26 20:45:17
seebug
seebug
Apache Xalan-Java FEATURE_SECURE_PROCESSIN属性处理安全绕过漏洞
2014-03-27 00:00:00
Apache Xalan-Java Library安全绕过漏洞
2014-04-03 00:00:00
debiancve
debiancve
CVE-2014-0107
2014-04-15 23:13:13
amazon
amazon
Important: xalan-j2
2014-04-17 23:50:00
prion
prion
Design/Logic Flaw
2014-04-15 23:13:00
oraclelinux
oraclelinux
xalan-j2 security update
2014-04-01 00:00:00
gentoo
gentoo
Xalan-Java: Arbitrary code execution
2016-04-02 00:00:00
github
github
Improper Authorization in Apache Xalan-Java
2022-05-13 01:05:38
cve
cve
CVE-2014-0107
2014-04-15 23:13:13
mageia
mageia
Updated xalan-j2 packages fix CVE-2014-0107
2014-04-03 04:50:42
centos
centos
xalan security update
2014-04-02 12:17:13
ubuntu
ubuntu
Xalan-Java vulnerability
2014-05-21 00:00:00
attackerkb
attackerkb
CVE-2022-47966
2023-01-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2019
2019-04-16 00:00:00
Oracle Critical Patch Update - January 2016
2016-01-19 00:00:00
Oracle Critical Patch Update - October 2017
2017-10-17 00:00:00