CVE-2015-3192 in JBoss BPM Suiteالمعلومات

الملخص

بحسب MITRE

Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not properly process inline DTD declarations when DTD is not entirely disabled, which allows remote attackers to cause a denial of service (memory consumption and out-of-memory errors) via a crafted XML file.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

حجز

10/04/2015

إفشاء

12/07/2016

الاعتدال

تمت الموافقة

إدخال

ربط

عرض

CPE

جاهز

CWE

CWE-119 (مؤكد)

CVSS

5.5 (NVD)

EPSS

0.01378

KEV

لا

النشاطات

منخفض جدًا

القطاع

Police, Lawfirm, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-3192
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-3192
CVE Details	https://www.cvedetails.com/cve/CVE-2015-3192/

التالي ▸نظرة عامة ◂ السابق

Want to know what is going to be exploited?

We predict KEV entries!