QwikSec

Security Database

CVE

CWE

Training

CVE-2013-5372

Published: Oct 19, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

The XML4J parser in IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.7, and 8.0 before 8.0.0.4 and IBM Integration Bus 9.0 before 9.0.0.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document that triggers expansion for many entities.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_AIXAPAR

http://www-01.ibm.com/support/docview.wss?uid=swg21655202

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

SUSE-SU-2013:1677

vendor-advisory

x_refsource_SUSE

http://www-01.ibm.com/support/docview.wss?uid=swg21655201

x_refsource_CONFIRM

ibm-xml4j-cve20135372-dos(86662)

vdb-entry

x_refsource_XF

https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg21653087

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.