2 matches found
RHEL 6 : Virtualization Manager (RHSA-2014:1161)
Red Hat Enterprise Virtualization Manager 3.4.2 is now available. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from the CVE link in the References...
CVE-2014-3573
CVE-2014-3573 affects the oVirt Engine back end module used in Red Hat Enterprise Virtualization Manager prior to 3.4.2. The issue arises from an insecure DocumentBuilderFactory when loading XML/RSDL documents, enabling XML External Entity (XXE) attacks that could allow a remote attacker to read ...