Oval Definition:	oval:org.mitre.oval:def:9847
Revision Date: 2010-09-06 Version: 5 Title: The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity references even when the "external general entities" property is false, which allows remote attackers to conduct XML external entity (XXE) attacks and cause a denial of service or access restricted resources. Description: The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity references even when the "external general entities" property is false, which allows remote attackers to conduct XML external entity (XXE) attacks and cause a denial of service or access restricted resources. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2008-0628 Platform(s): Red Hat Enterprise Linux Extras 5 Product(s): Definition Synopsis redhat-release is version 5 AND java-1.6.0-bea-demo is earlier than 1:1.6.0.03-1jpp.2.el5 OR java-1.6.0-bea-devel is earlier than 1:1.6.0.03-1jpp.2.el5 OR java-1.6.0-bea is earlier than 1:1.6.0.03-1jpp.2.el5 OR java-1.6.0-bea-src is earlier than 1:1.6.0.03-1jpp.2.el5 OR java-1.6.0-bea-missioncontrol is earlier than 1:1.6.0.03-1jpp.2.el5 OR java-1.6.0-bea-jdbc is earlier than 1:1.6.0.03-1jpp.2.el5
BACK