CVE-2016-4014

XML external entity XXE vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote attackers to cause a denial of service system hang via a crafted DTD in an XML request to uddi/api/replication, aka SAP Security Note 2254389...

Xxe

XML external entity XXE vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote attackers to cause a denial of service system hang via a crafted DTD in an XML request to uddi/api/replication, aka SAP Security Note 2254389...

SAP NetWeaver JAVA AS UDDI component - XXE vulnerability

Application: SAP AS JAVA Versions Affected: SAP AS JAVA 7.4 Vendor URL: SAP Bugs: XXE Reported: 20.10.2015 Vendor response: 21.10.2015 Date of Public Advisory: 14.04.2016 Reference: SAP Security Note 2254389 Author: Vahagn Vardanyan ERPScan Vulnerability Information Class: denial of service Impac...