CVE-2012-0818

Published: Nov 23, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity (XXE) injection attack.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugzilla.redhat.com/show_bug.cgi?id=785631

x_refsource_MISC

RHSA-2012:1059

vendor-advisory

x_refsource_REDHAT

51748

vdb-entry

x_refsource_BID

https://issues.jboss.org/browse/RESTEASY-637

x_refsource_CONFIRM

RHSA-2012:1056

vendor-advisory

x_refsource_REDHAT

RHSA-2012:1058

vendor-advisory

x_refsource_REDHAT

51766

vdb-entry

x_refsource_BID

78679

vdb-entry

x_refsource_OSVDB

RHSA-2012:0519

vendor-advisory

x_refsource_REDHAT

50084

third-party-advisory

x_refsource_SECUNIA

RHSA-2014:0371

vendor-advisory

x_refsource_REDHAT

RHSA-2012:1057

vendor-advisory

x_refsource_REDHAT

resteasy-xml-info-disclosure(72808)

vdb-entry

x_refsource_XF

48954

third-party-advisory

x_refsource_SECUNIA

RHSA-2012:0441

vendor-advisory

x_refsource_REDHAT

47832

third-party-advisory

x_refsource_SECUNIA

57719

third-party-advisory

x_refsource_SECUNIA

57716

third-party-advisory

x_refsource_SECUNIA

47818

third-party-advisory

x_refsource_SECUNIA

RHSA-2014:0372

vendor-advisory

x_refsource_REDHAT

48697

third-party-advisory

x_refsource_SECUNIA

RHSA-2012:1125

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-0818

Description

Affected Products

References