2 matches found
Security Bulletin: Fix available for Vulnerability in XML External Entity Injection (XXE) affecting IBM Cúram Social Program Management (CVE-2016-6111)
Summary IBM Cúram Social Program Management is vulnerable to a denial of service, caused by an XML External Entity Injection XXE error when processing XML data. A remote attacker could use the vulnerability to expose highly sensitive information, or to use all available memory resources...
CVE-2016-6111
IBM Cúram Social Program Management (SPM) is affected by CVE-2016-6111 due to an XML External Entity Injection (XXE) in XML data processing, causing denial of service with potential data exposure and memory depletion. The IBM Security Bulletin lists affected versions across SPM 5.2 SP6 up to 7.0....