CVE

Id
72689  
CVE No.
CVE-2014-5392  
Status
Candidate  
Description
XML External Entity (XXE) vulnerability in JobScheduler before 1.6.4246 and 7.x before 1.7.4241 allows remote attackers to cause a denial of service and read arbitrary files or directories via a request containing an XML external entity declaration in conjunction with an entity reference.  
Phase
Assigned (20140822)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
685433 72689 CVE-2014-5392 BUGTRAQ:20140907 CVE-2014-5392 XML eXternal Entity (XXE) in "JobScheduler"  View
685434 72689 CVE-2014-5392 URL:http://www.securityfocus.com/archive/1/archive/1/533374/100/0/threaded  View
685435 72689 CVE-2014-5392 MISC:http://packetstormsecurity.com/files/128181/JobScheduler-XML-eXternal-Entity-Injection.html  View
685436 72689 CVE-2014-5392 MISC:http://www.christian-schneider.net/advisories/CVE-2014-5392.txt  View
685437 72689 CVE-2014-5392 CONFIRM:http://www.sos-berlin.com/modules/news/article.php?storyid=73  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
19137 JVNDB-2014-008012 Hospira MedNet のインストールコンポーネントにおける重要な情報を取得される脆弱性 Hospira MedNet のインストールコンポーネントは、設定ファイルに平文の資格情報を配置するため、重要な情報を取得される脆弱性が存在します。 CVE-2014-5400 72689 2.1 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-008012.html  View