[jboss-jira] [JBoss JIRA] (AS7-4747) xercesImpl-2.9.1-jbossas-1.jar is susceptible to CVE-2009-2625 (DoS Attack)
Ondrej Zizka (JIRA)
issues at jboss.org
Mon May 30 06:05:01 EDT 2016
[ https://issues.jboss.org/browse/AS7-4747?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13244663#comment-13244663 ]
Ondrej Zizka edited comment on AS7-4747 at 5/30/16 6:04 AM:
------------------------------------------------------------
For the record: https://github.com/victims/victims-cve-db/issues/45
was (Author: ozizka):
For the record: https://github.com/victims/victims-cve-db/issues/44
> xercesImpl-2.9.1-jbossas-1.jar is susceptible to CVE-2009-2625 (DoS Attack)
> ---------------------------------------------------------------------------
>
> Key: AS7-4747
> URL: https://issues.jboss.org/browse/AS7-4747
> Project: Application Server 7
> Issue Type: Bug
> Affects Versions: 7.1.1.Final
> Reporter: Arun Neelicattu
> Assignee: Jason Greene
> Labels: xercesImpl
> Fix For: 7.1.2.Final (EAP)
>
>
> The current version of xerces (_xercesImpl-2.9.1-jbossas-1.jar_) is vulnerable to [CVE-2009-2625|https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2625]
> This vulnerability was fixed in xerces versions >= 2.10
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list