QwikSec

Security Database

CVE

CWE

Training

CVE-2013-4002

Published: Jul 23, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_AIXAPAR

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_GENTOO

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

SUSE-SU-2013:1257

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2013:1256

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_HP

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_HP

vendor-advisory

x_refsource_REDHAT

third-party-advisory

x_refsource_SECUNIA

SUSE-SU-2013:1263

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

openSUSE-SU-2013:1663

vendor-advisory

x_refsource_SUSE

SUSE-SU-2013:1666

vendor-advisory

x_refsource_SUSE

APPLE-SA-2013-10-15-1

vendor-advisory

x_refsource_APPLE

SUSE-SU-2013:1293

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_REDHAT

[j-users] 20180503 [ANNOUNCEMENT]: Apache Xerces-J 2.12.0 now available

mailing-list

x_refsource_MLIST

SUSE-SU-2013:1255

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

SUSE-SU-2013:1305

vendor-advisory

x_refsource_SUSE

ibm-java-cve20134002-dos(85260)

vdb-entry

x_refsource_XF

[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report

mailing-list

x_refsource_MLIST

[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1

mailing-list

x_refsource_MLIST

https://www.oracle.com/security-alerts/cpuapr2022.html

x_refsource_MISC

http://www.ibm.com/support/docview.wss?uid=swg21648172

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg21657539

x_refsource_CONFIRM

https://issues.apache.org/jira/browse/XERCESJ-1679

x_refsource_CONFIRM

http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250&r2=1499506&view=patch

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg21644197

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg21653371

x_refsource_CONFIRM

http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013

x_refsource_MISC

http://support.apple.com/kb/HT5982

x_refsource_CONFIRM

https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html

x_refsource_CONFIRM

http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002

x_refsource_CONFIRM

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.