The DOMConverter, JDOMConverter, DOM4JConverter, and XOMConverter functions in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allow remote attackers to read arbitrary files via DOM data containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Cross-site scripting (XSS) vulnerability in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVEID**:** CVE-2014-5325 DESCRIPTION:Direct Web Remoting (DWR) could allow a remote attacker to obtain sensitive information, caused by an XML External Entity Injection (XXE) error when processing XML data. By sending specially-crafted XML data, an attacker could exploit this vulnerability to obtain local system files and other sensitive information. CVSS Base Score:4.3 CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/98687> for the current score CVSS Environmental Score:* Undefined CVSS Vector**:** (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVEID: CVE-2014-5326 **DESCRIPTION:**Direct Web Remoting (DWR) is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials. **CVSS Base Score:**4.3 **CVSS Temporal Score:**See <https://exchange.xforce.ibmcloud.com/vulnerabilities/98686> for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Rational Change 5.2.0.8 and earlier
Rational Change 5.3.0.6 and earlier
Rational Change 5.3.1.1 and earlier
Issue is fixed in Rational Change by upgrading DWR library from version 2.0.3 to version 2.0.11.
Product
|
VRMF
|
APAR
|
Remediation / First Fix
—|—|—|—
Rational Change
|
5.3.0.6
|
None
|
http://www.ibm.com/support/docview.wss?uid=swg24039897
Rational Change
|
5.3.1.1
|
None
|
<http://www.ibm.com/support/docview.wss?uid=swg24038503>
None
CPE | Name | Operator | Version |
---|---|---|---|
rational change | eq | 5.3.0.6 | |
rational change | eq | 5.3.1.1 |