Description

IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 2000784.

Remediation

References

CVE-2016-9707

Related Vulnerabilities

ownCloud Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-24804)

WordPress Plugin WPBakery Page Builder Clipboard Security Bypass (4.5.7)

WordPress Plugin WordPress renaming tool by Vlajo Arbitrary File Download (1.0)

Dolphin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-3638)

Oracle Database Server CVE-2009-1985 Vulnerability (CVE-2009-1985)

Severity

High

Classification

CVE-2016-9707 CWE-611 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities