Miembros de
Boletines de Vulnerabilidades |
Rational Service Tester Open Source OpenSAML XML Information Disclosure (CVE-2013-6440) |
|
Información sobre el sistema |
|
| Software afectado | IBM |
Descripción |
|
|
A potential security vulnerability exists in IBM Rational Service Tester related to OpenSAML. OpenSAML could allow a remote authenticated attacker to obtain sensitive information, caused by an error when parsing XML entities. By persuading a victim to open a specially-crafted XML document containing external entity references, an attacker could exploit this vulnerability to obtain sensitive information. The vulnerability has been eliminated in the latest version of IBM Rational Service Tester More info: https://www-304.ibm.com/connections/blogs/PSIRT/entry/rational_service_tester_open_source_opensaml_xml_information_disclosure_cve_2013_6440?lang=en_us |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2013-6440 ,CVE-2014-0881 ,CVE-2014-0882 and CVE-2014-0862. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2014-03-04 |