5 matches found
Security Bulletin: IBM FileNet Business Process Manager – XML 4J denial of service attack (CVE-2013-4002)
Abstract The XML4J parser that is shipped with the IBM FileNet Business Process Manager is vulnerable to a denial of service attack, which is triggered by malformed XML data. Content The products that are listed below can be affected by security vulnerabilities reported to the Apache Xerces-J...
Security Bulletin: Multiple vulnerabilities in IBM SDK, Java Technology Edition affect IBM InfoSphere Information Server (CVE-2013-5802, CVE-2013-5823, CVE-2013-5825, CVE-2013-5780, CVE-2013-5803 and CVE-2013-5372)
Summary IBM Information Server is impacted by security vulnerabilities in IBM SDK, Java Technology Edition that affect availability and confidentiality. Vulnerability Details CVE ID: CVE-2013-5802 DESCRIPTION: An unspecified vulnerability related to the JAXP component has partial confidentiality...
Security Bulletin: Multiple vulnerabilities in IBM SDK, Java Technology Edition™ affect IBM InfoSphere Information Server (CVE-2013-5802, CVE-2013-5823, CVE-2013-5825, CVE-2013-5780, CVE-2013-5803 and CVE-2013-5372)
Summary IBM Information Server is impacted by security vulnerabilities in IBM SDK, Java Technology Edition™ that affect availability and confidentiality. Vulnerability Details CVE ID: CVE-2013-5802 DESCRIPTION: An unspecified vulnerability related to the JAXP component has partial confidentiality...
Code injection
The XML4J parser in IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.7, and 8.0 before 8.0.0.4 and IBM Integration Bus 9.0 before 9.0.0.1 allows remote attackers to cause a denial of service memory consumption via a crafted XML document that triggers expansion for many entities...
CVE-2013-5372
CVE-2013-5372 is a denial-of-service vulnerability in the XML4J XML parser used by IBM WebSphere Message Broker (6.1 before 6.1.0.12; 7.0 before 7.0.0.7; 8.0 before 8.0.0.4) and IBM Integration Bus 9.0 before 9.0.0.1. A crafted XML document triggers entity expansion, causing memory consumption. C...