5 matches found
[ERPSCAN-15-014] SAP Mobile Platform 3 – XXE in Add Repository
ERPSCAN Research Advisory ERPSCAN-15-014 SAP Mobile Platform 3 – XXE in Add Repository Application: SAP Mobile Platform Versions Affected: SAP Mobile Platform 3, probably others Vendor URL: http://SAP.com Bugs: XML External Entity Sent: 13.03.2015 Reported: 14.03.2015 Vendor response: 14.03.2015...
SAP Mobile Platform 3 XXE Injection
ERPSCAN Research Advisory ERPSCAN-15-014 SAP Mobile Platform 3 – XXE in Add Repository Application: SAP Mobile Platform Versions Affected: SAP Mobile Platform 3, probably others Vendor URL: http://SAP.com Bugs: XML External Entity Sent: 13.03.2015 Reported: 14.03.2015 Vendor response: 14.03.2015...
CVE-2015-5068
XML external entity XXE vulnerability in SAP Mobile Platform 3 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted XML request, aka SAP Security Note 2159601...
CVE-2015-5068
CVE-2015-5068 is an XXE vulnerability affecting SAP Mobile Platform 3 (and SAP NetWeaver AS Java 7.4 per ERPScan notes) where the XML parser validates incoming requests with a user-specified DTD. A crafted XML request (via Add Repository) can cause the server to read arbitrary files, enable DoS (...
CVE-2015-5068
XML external entity XXE vulnerability in SAP Mobile Platform 3 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted XML request, aka SAP Security Note 2159601...