IBM Security Bulletin: Vulnerability in Castor library affects IBM Cúram(CVE-2014-3004)
|
Información sobre el sistema
|
|
|
Software afectado |
IBM |
Descripción
|
IBM Cúram is shipped with a third party library called Castor, which is vulnerable to an XML External Entity Injection (XXE) error. CVE(s): CVE-2014-3004 Affected product(s) and affected version(s): IBM Cúram Social Program Management 4.5 IBM Cúram Social Program Management 5.2 IBM Cúram Social Program Management 6.0.3 IBM Cúram Social Program Management 6.0.4 IBM Cúram Social Program Management 6.0.5 IBM Cúram Social Program Management
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_vulnerability_in_castor_library_affects_ibm_c%25C3%25BAram_cve_2014_3004?lang=en_us |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
|