Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2014-0001
HistoryJan 06, 2014 - 4:49 a.m.

Updated cxf, wss4j, and jacorb packages fix security vulnerability

2014-01-0604:49:54
Gentoo Foundation
advisories.mageia.org
5

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.045 Low

EPSS

Percentile

92.3%

JSON

Multiple denial of service flaws were found in the way StAX parser implementation of Apache CXF, an open-source web services framework, performed processing of certain XML files. If a web service application utilized the services of the StAX parser, a remote attacker could provide a specially-crafted XML file that, when processed by the application would lead to excessive system resources (CPU cycles, memory) consumption by that application (CVE-2013-2160).

OSVersionArchitecturePackageVersionFilename
Mageia3noarchcxf< 2.6.9-1cxf-2.6.9-1.mga3
Mageia3noarchjacorb< 2.3.1-4jacorb-2.3.1-4.mga3
Mageia3noarchwss4j< 1.6.10-1wss4j-1.6.10-1.mga3

Related

fedora 6
openvas 12
nessus 3
osv 1
cve 1
prion 1
seebug 2
threatpost 1
securityvulns 1
exploitpack 1
packetstorm 1
github 1
exploitdb 1
redhat 2
f5 2
ibm 1
fedora
fedora
[SECURITY] Fedora 18 Update: cxf-2.6.9-1.fc18
2013-08-10 20:01:35
[SECURITY] Fedora 19 Update: cxf-2.6.9-1.fc19
2013-08-10 20:05:12
[SECURITY] Fedora 19 Update: wss4j-1.6.10-1.fc19
2013-08-10 20:05:12
openvas
openvas
Fedora Update for jacorb FEDORA-2013-14106
2013-08-20 00:00:00
Fedora Update for cxf FEDORA-2013-14159
2013-08-12 00:00:00
Fedora Update for jacorb FEDORA-2013-14159
2013-08-12 00:00:00
nessus
nessus
Fedora 18 : cxf-2.6.9-1.fc18 / jacorb-2.3.1-8.fc18 / wss4j-1.6.10-1.fc18 (2013-14159)
2013-08-12 00:00:00
Fedora 19 : cxf-2.6.9-1.fc19 / jacorb-2.3.1-8.fc19 / wss4j-1.6.10-1.fc19 (2013-14106)
2013-08-12 00:00:00
JBoss Portal 6.1.0 Update (RHSA-2013:1437)
2014-01-31 00:00:00
osv
osv
Missing XML Validation in Apache CXF
2022-05-13 01:09:20
cve
cve
CVE-2013-2160
2013-08-19 23:55:00
prion
prion
Code injection
2013-08-19 23:55:00
seebug
seebug
Apache CXF多个远程拒绝服务漏洞(CVE-2013-2160)
2013-07-11 00:00:00
Apache CXF prior to 2.5.10, 2.6.7 and 2.7.4 - Denial of Service
2014-07-01 00:00:00
threatpost
threatpost
Apache CXF Denial of Service Vulnerabilities Patched
2013-07-09 13:55:48
securityvulns
securityvulns
SEC Consult SA-20130709-0 :: Denial of service vulnerability in Apache CXF
2013-07-15 00:00:00
exploitpack
exploitpack
Apache CXF 2.5.102.6.72.7.4 - Denial of Service
2013-07-09 00:00:00
packetstorm
packetstorm
Apache CXF 2.5.10 / 2.6.7 / 2.7.4 Denial Of Service
2013-07-09 00:00:00
github
github
Missing XML Validation in Apache CXF
2022-05-13 01:09:20
exploitdb
exploitdb
Apache CXF &lt; 2.5.10/2.6.7/2.7.4 - Denial of Service
2013-07-09 00:00:00
redhat
redhat
(RHSA-2013:1185) Important: Red Hat JBoss Fuse 6.0.0 patch 2
2013-08-29 00:00:00
(RHSA-2013:1028) Important: Fuse ESB Enterprise 7.1.0 update
2013-07-09 00:00:00
f5
f5
SOL15580 - Apache CXF and JBoss vulnerabilities
2014-09-11 00:00:00
K15580 : Apache CXF and JBoss vulnerabilities
2014-09-11 00:00:00
ibm
ibm
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability
2019-07-19 16:20:01

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.045 Low

EPSS

Percentile

92.3%

JSON
Related for MGASA-2014-0001
fedora6openvas12nessus3osv1cve1prion1seebug2threatpost1securityvulns1exploitpack1packetstorm1github1exploitdb1redhat2f52ibm1