Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdtChristofer Dutz1337DAY-ID-24091
HistoryAug 20, 2015 - 12:00 a.m.

Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability

2015-08-2000:00:00
Christofer Dutz
0day.today
77

0.009 Low

EPSS

Percentile

80.6%

JSON

Exploit for windows platform in category remote exploits

CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected: Apache Flex BlazeDS 4.7.0

Description: When receiving XML encoded AMF messages containing DTD entities, the default XML parser configurations allows expanding of entities to local resources. A request that included a specially crafted request parameter could be used to

access content that would otherwise be protected.


Mitigation: All users of Apache Flex BlazeDS prior to 4.7.1

Example: For an AMF message that contains the following xml payload:
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE foo [
<!ELEMENT foo ANY >
<!ENTITY xxe SYSTEM "file:///etc/passwd" >]><foo>&xxe;</foo>
the entity &xxe; would be expanded to the content of the file /etc/passwd.
However this expanded information is not automatically transferred back to
the client, but could be made available by the application.

Credit: This issue was discovered by ο»ΏMatthias Kaiser of Code White

References: https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing


Christofer Dutz

#  0day.today [2018-04-02]  #

Related

nessus 4
threatpost 3
zdi 1
securityvulns 2
adobe 1
cve 1
prion 1
myhack58 2
vmware 2
cert 2
seebug 1
nessus
nessus
HP Operations Manager i Apache Flex BlazeDS External Entity Injection Vulnerability
2016-03-09 00:00:00
Adobe ColdFusion BlazeDS XXE (APSB15-21) (credentialed check)
2015-09-03 00:00:00
VMware vCenter Multiple Vulnerabilities (VMSA-2015-0008)
2015-12-22 00:00:00
threatpost
threatpost
VMware Patches Pesky XXE Bug in Flex BlazeDS
2015-11-20 16:36:23
Adobe LiveCycle Data Services Hotfix
2015-08-18 12:46:31
Adobe ColdFusion Hotfix
2015-08-27 14:08:42
zdi
zdi
Cisco Nexus Dashboard Fabric Controller XML External Entity Processing Information Disclosure Vulnerability
2022-03-11 00:00:00
securityvulns
securityvulns
CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability
2015-08-24 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2015-08-24 00:00:00
adobe
adobe
APSB15-20 Security update available for LiveCycle Data Services
2015-08-18 00:00:00
cve
cve
CVE-2015-3269
2015-08-25 01:59:00
prion
prion
Xxe
2015-08-25 01:59:00
myhack58
myhack58
Java AMF3 deserialization vulnerability analysis-vulnerability warning-the black bar safety net
2017-04-07 00:00:00
Java AMF3 exposure remote code execution vulnerability-vulnerability warning-the black bar safety net
2017-04-07 00:00:00
vmware
vmware
VMware product updates address information disclosure issue.
2015-11-18 00:00:00
VMware product updates address information disclosure issue.
2015-11-18 00:00:00
cert
cert
Granite Data Services AMF framework fails to properly parse XML input containing a reference to external entities
2016-03-24 00:00:00
Action Message Format (AMF3) Java implementations are vulnerable to insecure deserialization and XML external entities references
2017-04-04 00:00:00
seebug
seebug
AMF3 Java implementations Improper Restriction of XML External Entity Reference ('XXE')
2017-04-06 00:00:00

0.009 Low

EPSS

Percentile

80.6%

JSON
Related for 1337DAY-ID-24091
nessus4threatpost3zdi1securityvulns2adobe1cve1prion1myhack582vmware2cert2seebug1