Web application abuses : Apache Axis2 < 1.5.2 Document Type Declaration Processing Security Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.100814

Categoría: Web application abuses

Título: Apache Axis2 < 1.5.2 Document Type Declaration Processing Security Vulnerability

Resumen: Apache Axis2 is prone to a security vulnerability that may; result in information disclosure or denial-of-service (DoS) conditions.

Descripción: Summary:
Apache Axis2 is prone to a security vulnerability that may
result in information disclosure or denial-of-service (DoS) conditions.

Vulnerability Impact:
An attacker can exploit this vulnerability to obtain potentially
sensitive information by including local and external files on computers running the vulnerable
application or by causing denial-of-service conditions. Other attacks are also possible.

Affected Software/OS:
The issue affects versions prior to 1.5.2 and 1.6.

Solution:
The vendor has released fixes. Please see the references for
more information.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-1632
1036901
http://www.securitytracker.com/id/1036901
40252
http://secunia.com/advisories/40252
40279
http://secunia.com/advisories/40279
41016
http://secunia.com/advisories/41016
41025
http://secunia.com/advisories/41025
ADV-2010-1528
http://www.vupen.com/english/advisories/2010/1528
ADV-2010-1531
http://www.vupen.com/english/advisories/2010/1531
PM14765
http://www-1.ibm.com/support/docview.wss?uid=swg1PM14765
PM14844
http://www-1.ibm.com/support/docview.wss?uid=swg1PM14844
PM14847
http://www-1.ibm.com/support/docview.wss?uid=swg1PM14847
http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html
http://geronimo.apache.org/21x-security-report.html
http://geronimo.apache.org/22x-security-report.html
http://markmail.org/message/e4yiij7lfexastvl
http://www-01.ibm.com/support/docview.wss?uid=swg21433581
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289984
https://issues.apache.org/jira/browse/AXIS2-4450
https://issues.apache.org/jira/browse/GERONIMO-5383
https://svn.apache.org/repos/asf/axis/axis2/java/core/security/CVE-2010-1632.pdf

Copyright Copyright (C) 2010 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.100814
Categoría:	Web application abuses
Título:	Apache Axis2 < 1.5.2 Document Type Declaration Processing Security Vulnerability
Resumen:	Apache Axis2 is prone to a security vulnerability that may; result in information disclosure or denial-of-service (DoS) conditions.
Descripción:	Summary: Apache Axis2 is prone to a security vulnerability that may result in information disclosure or denial-of-service (DoS) conditions. Vulnerability Impact: An attacker can exploit this vulnerability to obtain potentially sensitive information by including local and external files on computers running the vulnerable application or by causing denial-of-service conditions. Other attacks are also possible. Affected Software/OS: The issue affects versions prior to 1.5.2 and 1.6. Solution: The vendor has released fixes. Please see the references for more information. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1632 1036901 http://www.securitytracker.com/id/1036901 40252 http://secunia.com/advisories/40252 40279 http://secunia.com/advisories/40279 41016 http://secunia.com/advisories/41016 41025 http://secunia.com/advisories/41025 ADV-2010-1528 http://www.vupen.com/english/advisories/2010/1528 ADV-2010-1531 http://www.vupen.com/english/advisories/2010/1531 PM14765 http://www-1.ibm.com/support/docview.wss?uid=swg1PM14765 PM14844 http://www-1.ibm.com/support/docview.wss?uid=swg1PM14844 PM14847 http://www-1.ibm.com/support/docview.wss?uid=swg1PM14847 http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html http://geronimo.apache.org/21x-security-report.html http://geronimo.apache.org/22x-security-report.html http://markmail.org/message/e4yiij7lfexastvl http://www-01.ibm.com/support/docview.wss?uid=swg21433581 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289984 https://issues.apache.org/jira/browse/AXIS2-4450 https://issues.apache.org/jira/browse/GERONIMO-5383 https://svn.apache.org/repos/asf/axis/axis2/java/core/security/CVE-2010-1632.pdf
Copyright	Copyright (C) 2010 Greenbone AG