RootSSV:61951

HistoryMar 27, 2014 - 12:00 a.m.

Apache Xalan-Java FEATURE_SECURE_PROCESSIN属性处理安全绕过漏洞

2014-03-2700:00:00

Root

www.seebug.org

0.005 Low

EPSS

Percentile

74.8%

JSON

CVE ID:CVE-2014-0107

Apache Xalan-Java是一个使用Java和C++来实现XSLT库的项目。

Apache Xalan-Java处理部分输出属性时存在错误，允许攻击者利用漏洞绕过安全处理特性(FEATURE_SECURE_PROCESSING)，可访问受限属性或加载任意受限类。
0
Apache Xalan-Java 2.7.0
用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞：
https://issues.apache.org/jira/browse/XALANJ-2435

fedora 2

ibm 20

nessus 17

veracode 1

redhat 16

securityvulns 5

debian 1

ubuntucve 1

openvas 19

f5 2

suse 1

osv 1

seebug 1

debiancve 1

amazon 1

oraclelinux 1

prion 1

github 1

gentoo 1

cve 1

centos 1

ubuntu 1

mageia 1

attackerkb 1

oracle 3

fedora

[SECURITY] Fedora 20 Update: xalan-j2-2.7.1-22.fc20

2014-04-05 04:56:01

[SECURITY] Fedora 19 Update: xalan-j2-2.7.1-22.fc19

2014-04-05 04:53:40

ibm

Security Bulletin: A vulnerability exists in Apache Xalan-Java prior to 2.7.2 as used in IBM Sterling Control Center 5.2 (CVE-2014-0107)

2019-12-17 22:47:42

Security Bulletin: Security exposure in IBM Cognos Incentive Compensation Management (CVE-2014-0107)

2018-06-15 22:31:28

Security Bulletin: IBM Security Guardium is affected by an Apache Xalan-Java library vulnerability (CVE-2014-0107)

2021-04-14 20:43:23

nessus

SuSE 11.3 Security Update : xalan-j2 (SAT Patch Number 9426)

2014-07-05 00:00:00

RHEL 5 / 6 : xalan-j2 (RHSA-2014:0348)

2014-04-02 00:00:00

Oracle Linux 5 / 6 : xalan-j2 (ELSA-2014-0348)

2014-04-02 00:00:00

veracode

Apache Xalan Remote Code Execution

2019-01-15 08:52:31

redhat

(RHSA-2014:0591) Important: Red Hat JBoss Enterprise Application Platform 5.2.0 security update

2014-06-02 00:00:00

(RHSA-2014:0454) Important: Red Hat JBoss Enterprise Application Platform 6.2.2 security update

2014-04-30 18:47:56

(RHSA-2014:0453) Important: Red Hat JBoss Enterprise Application Platform 6.2.2 security update

2014-04-30 00:00:00

securityvulns

[oCERT-2014-002] Xalan-Java insufficient secure processing

2014-03-27 00:00:00

[USN-2218-1] Xalan-Java vulnerability

2014-06-14 00:00:00

libxalan security vulnerabilities

2014-03-27 00:00:00

debian

[SECURITY] [DSA 2886-1] libxalan2-java security update

2014-03-26 20:21:08

ubuntucve

CVE-2014-0107

2014-04-15 00:00:00

openvas

Fedora Update for xalan-j2 FEDORA-2014-4426

2014-04-08 00:00:00

Fedora Update for xalan-j2 FEDORA-2014-4443

2014-04-08 00:00:00

Debian: Security Advisory (DSA-2886-1)

2014-03-25 00:00:00

SOL15595 - Apache Xalan-Java vulnerability CVE-2014-0107

2014-09-15 00:00:00

K15595 : Apache Xalan-Java vulnerability CVE-2014-0107

2014-09-15 00:00:00

suse

Security update for xalan-j2 (important)

2014-07-04 21:04:15

osv

Improper Authorization in Apache Xalan-Java

2022-05-13 01:05:38

seebug

Apache Xalan-Java Library安全绕过漏洞

2014-04-03 00:00:00

debiancve

CVE-2014-0107

2014-04-15 23:13:00

amazon

Important: xalan-j2

2014-04-17 23:50:00

oraclelinux

xalan-j2 security update

2014-04-01 00:00:00

prion

Design/Logic Flaw

2014-04-15 23:13:00

github

Improper Authorization in Apache Xalan-Java

2022-05-13 01:05:38

gentoo

Xalan-Java: Arbitrary code execution

2016-04-02 00:00:00

cve

CVE-2014-0107

2014-04-15 23:13:00

centos

xalan security update

2014-04-02 12:17:13

ubuntu

Xalan-Java vulnerability

2014-05-21 00:00:00

mageia

Updated xalan-j2 packages fix CVE-2014-0107

2014-04-03 04:50:42

attackerkb

CVE-2022-47966

2023-01-20 00:00:00

oracle

Oracle Critical Patch Update - January 2016

2016-01-19 00:00:00

Oracle Critical Patch Update Advisory - April 2019

2019-04-16 00:00:00

Oracle Critical Patch Update - October 2017

2017-10-17 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

0.005 Low

EPSS

Percentile

74.8%

JSON

Related for SSV:61951