4.3
CVE-2013-5372
- EPSS 2.81%
- Veröffentlicht 19.10.2013 10:36:07
- Zuletzt bearbeitet 29.04.2026 01:13:23
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
The XML4J parser in IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.7, and 8.0 before 8.0.0.4 and IBM Integration Bus 9.0 before 9.0.0.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document that triggers expansion for many entities.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Websphere Message Broker Version6.1
Ibm ≫ Websphere Message Broker Version6.1.0.1
Ibm ≫ Websphere Message Broker Version6.1.0.2
Ibm ≫ Websphere Message Broker Version6.1.0.3
Ibm ≫ Websphere Message Broker Version6.1.0.4
Ibm ≫ Websphere Message Broker Version6.1.0.5
Ibm ≫ Websphere Message Broker Version6.1.0.6
Ibm ≫ Websphere Message Broker Version6.1.0.7
Ibm ≫ Websphere Message Broker Version6.1.0.8
Ibm ≫ Websphere Message Broker Version6.1.0.9
Ibm ≫ Websphere Message Broker Version6.1.0.10
Ibm ≫ Websphere Message Broker Version6.1.0.11
Ibm ≫ Websphere Message Broker Version8.0
Ibm ≫ Websphere Message Broker Version8.0.0.1
Ibm ≫ Websphere Message Broker Version8.0.0.2
Ibm ≫ Websphere Message Broker Version8.0.0.3
Ibm ≫ Websphere Message Broker Version7.0.
Ibm ≫ Websphere Message Broker Version7.0.0.1
Ibm ≫ Websphere Message Broker Version7.0.0.2
Ibm ≫ Websphere Message Broker Version7.0.0.3
Ibm ≫ Websphere Message Broker Version7.0.0.4
Ibm ≫ Websphere Message Broker Version7.0.0.5
Ibm ≫ Websphere Message Broker Version7.0.0.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.81% | 0.847 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html
http://rhn.redhat.com/errata/RHSA-2013-1507.html
http://rhn.redhat.com/errata/RHSA-2013-1508.html
http://rhn.redhat.com/errata/RHSA-2013-1509.html
http://rhn.redhat.com/errata/RHSA-2013-1793.html
http://secunia.com/advisories/56338
http://www-01.ibm.com/support/docview.wss?uid=swg21655201
http://www-01.ibm.com/support/docview.wss?uid=swg1IC96473
http://www-01.ibm.com/support/docview.wss?uid=swg21653087
http://www-01.ibm.com/support/docview.wss?uid=swg21655202
https://exchange.xforce.ibmcloud.com/vulnerabilities/86662
https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013