exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2018-1000632

Status Candidate

Overview

dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document. This vulnerability appears to have been fixed in 2.1.1 or later.

Related Files

Ubuntu Security Notice USN-4619-1
Posted Nov 6, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4619-1 - Mário Areias discovered that dom4j did not properly validate XML document elements. An attacker could exploit this with a crafted XML file to cause dom4j to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-1000632
SHA-256 | 8811267ce4069d8fe5cf28d9c899a4bbd6040492be72350f1903c43c1d710157
Red Hat Security Advisory 2020-3192-01
Posted Jul 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3192-01 - This release of Red Hat Fuse 7.7.0 serves as a replacement for Red Hat Fuse 7.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, XML injection, bypass, cross site scripting, denial of service, information leakage, and server-side request forgery vulnerabilities.

tags | advisory, web, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2016-4970, CVE-2018-1000632, CVE-2018-11797, CVE-2018-12541, CVE-2018-3831, CVE-2019-0231, CVE-2019-10086, CVE-2019-10172, CVE-2019-12086, CVE-2019-12400, CVE-2019-14540, CVE-2019-14888, CVE-2019-14892, CVE-2019-14893, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943, CVE-2019-17267, CVE-2019-17531, CVE-2019-17573, CVE-2019-20330, CVE-2019-20444, CVE-2019-20445, CVE-2019-3797, CVE-2019-9511, CVE-2019-9827, CVE-2020-10672
SHA-256 | 7c2d2464e2e75c435724268e7235a048d87b1886dbc11e01f6fa6141b8a86b2c
Red Hat Security Advisory 2019-3172-01
Posted Oct 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3172-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include bypass, denial of service, and information leakage vulnerabilities.

tags | advisory, remote, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-16470, CVE-2019-10198, CVE-2019-14825
SHA-256 | 0d1a7f3e91df6df87aebdd58b89f12efd814a2be22f9232bceca09c5693fa8c4
Red Hat Security Advisory 2019-1162-01
Posted May 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1162-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.22 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.21, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-8034
SHA-256 | c7d1940fd728b415f110e72909845b2271eb585cf3fe1c0022cb42c5baba4e0e
Red Hat Security Advisory 2019-1160-01
Posted May 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1160-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.22 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.21, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-8034
SHA-256 | 3a5c07b7f4dc0c1d0e83e80c108f16d7d04eb6c1b01ece3a5004980feb6ad6a1
Red Hat Security Advisory 2019-1161-01
Posted May 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1161-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.22 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.21, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-8034
SHA-256 | de8411e9560c197b8de7528b762568e5f5c3aa978f3a5f13cf46e86c2003548d
Red Hat Security Advisory 2019-1159-01
Posted May 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1159-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.22 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.21, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-8034
SHA-256 | 53067ef42952a1e99d1aba18ee49ae76fe735209c653df2c3a7195c682804794
Red Hat Security Advisory 2019-0364-01
Posted Feb 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0364-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.1.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-14642
SHA-256 | a228d9418494e5a5cd97d703c55108239e82d26c2deebf111ebb52fd2adf1aec
Red Hat Security Advisory 2019-0362-01
Posted Feb 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0362-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.1.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-14642
SHA-256 | 09b757ecbeea503e2e2dd6f7ac771af07bbaed81be2e458c03e54c8290188e5d
Red Hat Security Advisory 2019-0380-01
Posted Feb 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0380-01 - Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.2.6 serves as a replacement for Red Hat Single Sign-On 7.2.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-14642
SHA-256 | 32aad9996df6400db8adadb3fa8c9c6302bbd9bc31c388eac459b86318d6202a
Red Hat Security Advisory 2019-0365-01
Posted Feb 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0365-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.1.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-14642
SHA-256 | 6e0db3fe2f3f38836bb6573608efad79fe56089340c18ecdc05321a13b97597d
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    14 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close