EUVD-2016-3424

Malware in sbrugna...

CVE-2016-2340

The AMF framework in Granite Data Services 3.1.1-SNAPSHOT allows remote authenticated users to read arbitrary files, send TCP requests to intranet servers, or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entit...

Xxe

The AMF framework in Granite Data Services 3.1.1-SNAPSHOT allows remote authenticated users to read arbitrary files, send TCP requests to intranet servers, or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entit...

CVE-2016-2340

The AMF framework in Granite Data Services 3.1.1-SNAPSHOT allows remote authenticated users to read arbitrary files, send TCP requests to intranet servers, or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entit...

CVE-2016-2340

CVE-2016-2340 affects Granite Data Services (GraniteDS) AMF framework in version 3.1.1-SNAPSHOT. The vulnerability is an XML External Entity (XXE) issue that, when parsing XML, can allow remote authenticated users to read arbitrary files, issue TCP requests to intranet servers, or cause a denial ...

Granite Data Services AMF framework fails to properly parse XML input containing a reference to external entities

Overview Granite Data Services version 3.1.1-SNAPSHOT AMF framework is vulnerable to XML external entity XXE attack that may be leveraged to expose sensitive data on the host.. Description CWE-611- Improper Restriction of XML External Entity Reference 'XXE' - CVE-2016-2340 Granite Data Services...