2 matches found
Security Bulletin: IBM InfoSphere Information Governance Catalog is vulnerable to XXE Injection Attack (CVE-2016-0250)
Summary IBM InfoSphere Information Governance Catalog could allow a remote authenticated attacker to obtain sensitive information, caused by a XML external entity XXE error when processing XML data by the XML parser. A remote attacker could exploit this vulnerability to read arbitrary files on th...
CVE-2016-0250
CVE-2016-0250 is an XXE vulnerability in IBM InfoSphere Information Governance Catalog (IGC). It affects IGC versions 11.3 prior to 11.3.1.2 and 11.5 prior to 11.5.0.1, enabling a remote authenticated attacker to read arbitrary files or cause a denial of service by processing crafted XML data. Th...