CVE-2015-0132

N/A

Descripcion

The XML parser in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5 and 4.x before 4.0.7 iFix3 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

Detalles CVE

Puntuacion CVSS v3.1N/A

Publicado3/18/2015

Ultima modificacion5/6/2026

Fuentenvd

Avistamientos honeypot0

Productos afectados

ibm:rational_doors_next_generationibm:rational_requirements_composer

Debilidades (CWE)

CWE-399

Referencias

http://www-01.ibm.com/support/docview.wss?uid=swg21698248(psirt@us.ibm.com)

http://www-01.ibm.com/support/docview.wss?uid=swg21698248(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.