NVD

Id
40681  
Name
CVE-2013-5372  
Description
The XML4J parser in IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.7, and 8.0 before 8.0.0.4 and IBM Integration Bus 9.0 before 9.0.0.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document that triggers expansion for many entities.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-18  
Published
2013-10-19  
Modified Date
2014-01-27  
Seq
2013-5372  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
205946 40681 CVE-2013-5372 SUSE-SU-2013:1677  View
205947 40681 CVE-2013-5372 RHSA-2013:1507  View
205948 40681 CVE-2013-5372 RHSA-2013:1508  View
205949 40681 CVE-2013-5372 RHSA-2013:1509  View
205950 40681 CVE-2013-5372 RHSA-2013:1793  View
205951 40681 CVE-2013-5372 IC96473  View
205952 40681 CVE-2013-5372 http://www-01.ibm.com/support/docview.wss?uid=swg21653087  View
205953 40681 CVE-2013-5372 http://www-01.ibm.com/support/docview.wss?uid=swg21655201  View
205954 40681 CVE-2013-5372 http://www-01.ibm.com/support/docview.wss?uid=swg21655202  View
205955 40681 CVE-2013-5372 ibm-xml4j-cve20135372-dos(86662)  View
205956 40681 CVE-2013-5372 https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
23246 JVNDB-2013-004821 IBM WebSphere Message Broker および IBM Integration Bus の XML4J パーサにおけるサービス運用妨害 (DoS) の脆弱性 IBM WebSphere Message Broker および IBM Integration Bus の XML4J パーサには、サービス運用妨害 (メモリ消費) 状態にされる脆弱性が存在します。 CVE-2013-5372 65314 CVE-2013-5372 40681 4.3 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-004821.html 2013-10-17 2014-06-27 View