CVE-2015-3192 in JBoss BPM Suiteinformação

Sumário

de MITRE

Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not properly process inline DTD declarations when DTD is not entirely disabled, which allows remote attackers to cause a denial of service (memory consumption and out-of-memory errors) via a crafted XML file.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

10/04/2015

Divulgação

12/07/2016

Moderação

aceite

Entrada

Relacionar

mostrar

CPE

pronto

CWE

CWE-119 (confirmado)

CVSS

5.5 (NVD)

EPSS

0.01378

KEV

não

Atividades

muito baixo

Sector

Pharma, Transportation, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-3192
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-3192
CVE Details	https://www.cvedetails.com/cve/CVE-2015-3192/

◂ Voltar Visão Geral Próximo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!