EUVD-2015-5084

Malware in sbrugna...

[ERPSCAN-15-014] SAP Mobile Platform 3 – XXE in Add Repository

ERPSCAN Research Advisory ERPSCAN-15-014 SAP Mobile Platform 3 – XXE in Add Repository Application: SAP Mobile Platform Versions Affected: SAP Mobile Platform 3, probably others Vendor URL: http://SAP.com Bugs: XML External Entity Sent: 13.03.2015 Reported: 14.03.2015 Vendor response: 14.03.2015...

SAP Mobile Platform 3 XXE Injection

ERPSCAN Research Advisory ERPSCAN-15-014 SAP Mobile Platform 3 – XXE in Add Repository Application: SAP Mobile Platform Versions Affected: SAP Mobile Platform 3, probably others Vendor URL: http://SAP.com Bugs: XML External Entity Sent: 13.03.2015 Reported: 14.03.2015 Vendor response: 14.03.2015...

CVE-2015-5068

XML external entity XXE vulnerability in SAP Mobile Platform 3 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted XML request, aka SAP Security Note 2159601...

CVE-2015-5068

CVE-2015-5068 is an XXE vulnerability affecting SAP Mobile Platform 3 (and SAP NetWeaver AS Java 7.4 per ERPScan notes) where the XML parser validates incoming requests with a user-specified DTD. A crafted XML request (via Add Repository) can cause the server to read arbitrary files, enable DoS (...

CVE-2015-5068

XML external entity XXE vulnerability in SAP Mobile Platform 3 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted XML request, aka SAP Security Note 2159601...

SAP Mobile Platform 3 - XXE Vulnerability in Add Repository

Application: SAP Mobile Platform 3 Vendor URL: http://www.sap.com Bugs: XML eXternal Entity Reported: 13.03.2015 Vendor response: 13.03.2015 Date of Public Advisory: 15.06.2015 Reference: SAP Security Note 2159601 Authors: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: XML External...