Lucene search
Ubuntu.comUB:CVE-2013-1915HistoryApr 25, 2013 - 12:00 a.m.
CVE-2013-1915
2013-04-2500:00:00
ubuntu.com
ubuntu.com
15
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
82.6%
ModSecurity before 2.7.3 allows remote attackers to read arbitrary files,
send HTTP requests to intranet servers, or cause a denial of service (CPU
and memory consumption) via an XML external entity declaration in
conjunction with an entity reference, aka an XML External Entity (XXE)
vulnerability.
Bugs
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | libapache-mod-security | <Â 2.5.11-1ubuntu0.1 | UNKNOWN |
| ubuntu | 11.10 | noarch | libapache-mod-security | <Â 2.5.12-1+squeeze2build0.11.10.1 | UNKNOWN |
| ubuntu | 13.04 | noarch | modsecurity-apache | <Â 2.6.6-6 | UNKNOWN |
| ubuntu | 13.10 | noarch | modsecurity-apache | <Â 2.6.6-6 | UNKNOWN |
| ubuntu | 14.04 | noarch | modsecurity-apache | <Â 2.6.6-6 | UNKNOWN |
| ubuntu | 14.10 | noarch | modsecurity-apache | <Â 2.6.6-6 | UNKNOWN |
| ubuntu | 15.04 | noarch | modsecurity-apache | <Â 2.6.6-6 | UNKNOWN |
| ubuntu | 15.10 | noarch | modsecurity-apache | <Â 2.6.6-6 | UNKNOWN |
| ubuntu | 16.04 | noarch | modsecurity-apache | <Â 2.6.6-6 | UNKNOWN |
| ubuntu | 16.10 | noarch | modsecurity-apache | <Â 2.6.6-6 | UNKNOWN |
Related
debian
debian
[SECURITY] [DSA 2659-1] libapache-mod-security security update
2013-04-10 18:11:40
cvelist
cvelist
CVE-2013-1915
2013-04-25 23:00:00
openvas
openvas
Fedora Update for mod_security FEDORA-2013-4831
2013-04-15 00:00:00
Debian Security Advisory DSA 2659-1 (libapache-mod-security - XML external entity processing vulnerability)
2013-04-09 00:00:00
Fedora Update for mod_security FEDORA-2013-4831
2013-04-15 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2659-1] libapache-mod-security security update
2013-04-15 00:00:00
Apache mod_security security vulnerabilities
2013-04-15 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : apache-mod_security (MDVSA-2013:156)
2013-04-30 00:00:00
ModSecurity < 2.7.3 XML External Entity (XXE) Data Parsing Arbitrary File Disclosure
2013-07-02 00:00:00
Fedora 17 : mod_security-2.7.3-1.fc17 (2013-4834)
2013-04-14 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: mod_security-2.7.3-1.fc19
2013-04-20 19:30:49
[SECURITY] Fedora 18 Update: mod_security-2.7.3-1.fc18
2013-04-14 00:29:50
[SECURITY] Fedora 17 Update: mod_security-2.7.3-1.fc17
2013-04-14 00:26:53
seebug
seebug
ModSecurity XMLĺ¤é¨ĺŽä˝äżĄćŻćłé˛ćźć´(CVE-2013-1915)
2013-04-28 00:00:00
cve
cve
CVE-2013-1915
2013-04-25 23:55:00
freebsd
freebsd
ModSecurity -- XML External Entity Processing Vulnerability
2013-04-02 00:00:00
prion
prion
Xxe
2013-04-25 23:55:00
osv
osv
libapache-mod-security - XML external entity processing vulnerability
2013-04-09 00:00:00
debiancve
debiancve
CVE-2013-1915
2013-04-25 23:55:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
82.6%
Related for UB:CVE-2013-1915