CVE

Id
70925  
CVE No.
CVE-2014-3629  
Status
Candidate  
Description
XML external entity (XXE) vulnerability in the XML Exchange module in Apache Qpid 0.30 allows remote attackers to cause outgoing HTTP connections via a crafted message.  
Phase
Assigned (20140514)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
675584 70925 CVE-2014-3629 BUGTRAQ:20141107 CVE-2014-3629: Apache Qpid"s qpidd can be induced to make http requests  View
675585 70925 CVE-2014-3629 URL:http://www.securityfocus.com/archive/1/archive/1/533943/100/0/threaded  View
675586 70925 CVE-2014-3629 MISC:http://packetstormsecurity.com/files/129034/Apache-Qpid-0.30-Induced-HTTP-Requests.html  View
675587 70925 CVE-2014-3629 BID:71004  View
675588 70925 CVE-2014-3629 URL:http://www.securityfocus.com/bid/71004  View
675589 70925 CVE-2014-3629 SECUNIA:62235  View
675590 70925 CVE-2014-3629 URL:http://secunia.com/advisories/62235  View
675591 70925 CVE-2014-3629 XF:apache-qpid-cve20143629-info-disc(98575)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
15492 JVNDB-2014-004367 D-Bus におけるサービス運用妨害 (DoS) の脆弱性 D-Bus は、終了したプロセスへの接続を適切にクローズしないため、サービス運用妨害 (DoS) 状態にされる脆弱性が存在します。 CVE-2014-3637 70925 2.1 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004367.html  View