Boletines de Vulnerabilidades

IBM Security Bulletin: Content Integrator- Apache Xerces-J XML parser Denial of Service attack (CVE-2013-4002)

Información sobre el sistema
   
Software afectado IBM

Descripción
Apache Xerces-J XML parser (XML4J) shipped with IBM Content Integrator is vulnerable to a denial of service attack that can be triggered by malformed XML data CVE(s): CVE-2013-4002 Affected product(s) and affected version(s): IBM Content Integration 8.6 Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21663380 X-Force Database: http://xforce.iss.net/xforce/xfdb/85260

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_content_integrator_apache_xerces_j_xml_parser_denial_of_service_attack_cve_2013_4002?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2013-4002 ,CVE-2013-6329 ,CVE-2013-5780 ,CVE-2013-5372 ,CVE-2013-5803 and CVE-2013-1500.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-03-04

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT