CVE-2015-0132
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The XML parser in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5 and 4.x before 4.0.7 iFix3 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
El analizador sintáctico de XML en IBM Rational DOORS Next Generation 4.x anterior a 4.0.7 iFix3 y 5.x anterior a 5.0.2 y Rational Requirements Composer 2.x y 3.x anterior a 3.0.1.6 iFix5 y 4.x anterior a 4.0.7 iFix3 no detecta correctamente la recursión durante la expansión de entidades, lo que permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de un documento XML que contiene un número grande de referencias de entidad anidadas, un problema similar a CVE-2003-1564.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-11-18 CVE Reserved
- 2015-03-18 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www-01.ibm.com/support/docview.wss?uid=swg21698248 | 2015-03-18 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 2.0 Search vendor "Ibm" for product "Rational Requirements Composer" and version "2.0" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 2.0.0.1 Search vendor "Ibm" for product "Rational Requirements Composer" and version "2.0.0.1" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 2.0.0.2 Search vendor "Ibm" for product "Rational Requirements Composer" and version "2.0.0.2" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 2.0.0.3 Search vendor "Ibm" for product "Rational Requirements Composer" and version "2.0.0.3" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 2.0.0.4 Search vendor "Ibm" for product "Rational Requirements Composer" and version "2.0.0.4" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 3.0 Search vendor "Ibm" for product "Rational Requirements Composer" and version "3.0" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 3.0.1 Search vendor "Ibm" for product "Rational Requirements Composer" and version "3.0.1" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 3.0.1.1 Search vendor "Ibm" for product "Rational Requirements Composer" and version "3.0.1.1" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 3.0.1.2 Search vendor "Ibm" for product "Rational Requirements Composer" and version "3.0.1.2" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 3.0.1.3 Search vendor "Ibm" for product "Rational Requirements Composer" and version "3.0.1.3" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 3.0.1.4 Search vendor "Ibm" for product "Rational Requirements Composer" and version "3.0.1.4" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 3.0.1.5 Search vendor "Ibm" for product "Rational Requirements Composer" and version "3.0.1.5" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 3.0.1.6 Search vendor "Ibm" for product "Rational Requirements Composer" and version "3.0.1.6" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 4.0 Search vendor "Ibm" for product "Rational Requirements Composer" and version "4.0" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 4.0.0 Search vendor "Ibm" for product "Rational Requirements Composer" and version "4.0.0" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 4.0.0.1 Search vendor "Ibm" for product "Rational Requirements Composer" and version "4.0.0.1" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 4.0.0.2 Search vendor "Ibm" for product "Rational Requirements Composer" and version "4.0.0.2" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 4.0.1 Search vendor "Ibm" for product "Rational Requirements Composer" and version "4.0.1" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 4.0.2 Search vendor "Ibm" for product "Rational Requirements Composer" and version "4.0.2" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 4.0.3 Search vendor "Ibm" for product "Rational Requirements Composer" and version "4.0.3" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 4.0.4 Search vendor "Ibm" for product "Rational Requirements Composer" and version "4.0.4" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 4.0.5 Search vendor "Ibm" for product "Rational Requirements Composer" and version "4.0.5" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 4.0.6 Search vendor "Ibm" for product "Rational Requirements Composer" and version "4.0.6" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Requirements Composer Search vendor "Ibm" for product "Rational Requirements Composer" | 4.0.7 Search vendor "Ibm" for product "Rational Requirements Composer" and version "4.0.7" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Doors Next Generation Search vendor "Ibm" for product "Rational Doors Next Generation" | 4.0.0 Search vendor "Ibm" for product "Rational Doors Next Generation" and version "4.0.0" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Doors Next Generation Search vendor "Ibm" for product "Rational Doors Next Generation" | 4.0.1 Search vendor "Ibm" for product "Rational Doors Next Generation" and version "4.0.1" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Doors Next Generation Search vendor "Ibm" for product "Rational Doors Next Generation" | 4.0.2 Search vendor "Ibm" for product "Rational Doors Next Generation" and version "4.0.2" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Doors Next Generation Search vendor "Ibm" for product "Rational Doors Next Generation" | 4.0.3 Search vendor "Ibm" for product "Rational Doors Next Generation" and version "4.0.3" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Doors Next Generation Search vendor "Ibm" for product "Rational Doors Next Generation" | 4.0.4 Search vendor "Ibm" for product "Rational Doors Next Generation" and version "4.0.4" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Doors Next Generation Search vendor "Ibm" for product "Rational Doors Next Generation" | 4.0.5 Search vendor "Ibm" for product "Rational Doors Next Generation" and version "4.0.5" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Doors Next Generation Search vendor "Ibm" for product "Rational Doors Next Generation" | 4.0.6 Search vendor "Ibm" for product "Rational Doors Next Generation" and version "4.0.6" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Doors Next Generation Search vendor "Ibm" for product "Rational Doors Next Generation" | 4.0.7 Search vendor "Ibm" for product "Rational Doors Next Generation" and version "4.0.7" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Doors Next Generation Search vendor "Ibm" for product "Rational Doors Next Generation" | 5.0 Search vendor "Ibm" for product "Rational Doors Next Generation" and version "5.0" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Doors Next Generation Search vendor "Ibm" for product "Rational Doors Next Generation" | 5.0.1 Search vendor "Ibm" for product "Rational Doors Next Generation" and version "5.0.1" | - |
Affected
|