5 matches found
SAP NetWeaver AS JAVA 7.4 XXE Injection
Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.4 Vendor URL: http://SAP.com Bug: XXE Sent: 04.12.2015 Reported: 05.12.2015 Vendor response: 05.12.2015 Date of Public Advisory: 12.04.2016 Reference: SAP Security Note 2254389 Author: Vahagn Vardanyan ERPScan Descripti...
CVE-2016-4014
XML external entity XXE vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote attackers to cause a denial of service system hang via a crafted DTD in an XML request to uddi/api/replication, aka SAP Security Note 2254389...
CVE-2016-4014
XML external entity XXE vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote attackers to cause a denial of service system hang via a crafted DTD in an XML request to uddi/api/replication, aka SAP Security Note 2254389...
CVE-2016-4014
The CVE-2016-4014 entry concerns an XXE/XEE vulnerability in the SAP NetWeaver AS JAVA UDDI component (SAP NetWeaver JAVA AS 7.4). The root cause is XML External Entity processing allowing a crafted DTD to cause denial of service by making the server hang when processing requests to uddi/api/repl...
SAP NetWeaver JAVA AS UDDI component - XXE vulnerability
Application: SAP AS JAVA Versions Affected: SAP AS JAVA 7.4 Vendor URL: SAP Bugs: XXE Reported: 20.10.2015 Vendor response: 21.10.2015 Date of Public Advisory: 14.04.2016 Reference: SAP Security Note 2254389 Author: Vahagn Vardanyan ERPScan Vulnerability Information Class: denial of service Impac...