CVE-2015-3192 in JBoss BPM Suiteinfo

Zusammenfassung

von MITRE

Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not properly process inline DTD declarations when DTD is not entirely disabled, which allows remote attackers to cause a denial of service (memory consumption and out-of-memory errors) via a crafted XML file.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

10.04.2015

Veröffentlichung

12.07.2016

Moderieren

akzeptiert

Eintrag

Verknüpfen

zeigen

CPE

bereit

CWE

CWE-119 (bestätigt)

CVSS

5.5 (NVD)

EPSS

0.01378

KEV

nein

Aktivitäten

very low

Sektor

Finance, Hospital, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-3192
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-3192
CVE Details	https://www.cvedetails.com/cve/CVE-2015-3192/

◂ Zurück Übersicht Weiter ▸

Interested in the pricing of exploits?

See the underground prices here!