[jboss-jira] [JBoss JIRA] (AS7-4747) xercesImpl-2.9.1-jbossas-1.jar is susceptible to CVE-2009-2625 (DoS Attack)

Monday, 30 May 2016



    [
https://issues.jboss.org/browse/AS7-4747?page=com.atlassian.jira.plugin.s...
] 

Ondrej Zizka edited comment on AS7-4747 at 5/30/16 6:04 AM:
------------------------------------------------------------

For the record: https://github.com/victims/victims-cve-db/issues/45


was (Author: ozizka):
For the record: https://github.com/victims/victims-cve-db/issues/44

...
 xercesImpl-2.9.1-jbossas-1.jar is susceptible to CVE-2009-2625 (DoS
Attack)
 ---------------------------------------------------------------------------

                 Key: AS7-4747
                 URL: https://issues.jboss.org/browse/AS7-4747
             Project: Application Server 7
          Issue Type: Bug
    Affects Versions: 7.1.1.Final
            Reporter: Arun Neelicattu
            Assignee: Jason Greene
              Labels: xercesImpl
             Fix For: 7.1.2.Final (EAP)


 The current version of xerces (_xercesImpl-2.9.1-jbossas-1.jar_) is vulnerable to
[CVE-2009-2625|https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2625]
 This vulnerability was fixed in xerces versions >= 2.10 


--
This message was sent by Atlassian JIRA
(v6.4.11#64026)

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-jira] [JBoss JIRA] (AS7-4747) xercesImpl-2.9.1-jbossas-1.jar is susceptible to CVE-2009-2625 (DoS Attack)