CVE-2009-5135

NONECVSS 0.0

0.0

The Java XML parser in Echo before 2.1.1 and 3.x before 3.0.b6 allows remote attackers to read arbitrary files via a request containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

🔗 References (14)

psirt@ushttp://echo.nextapp.com/site/node/5742
psirt@ushttp://secunia.com/advisories/34218
psirt@ushttp://www.exploit-db.com/exploits/8191/
psirt@ushttp://www.securityfocus.com/archive/1/501637/100/0/threaded
psirt@ushttp://www.vupen.com/english/advisories/2009/0653
psirt@ushttps://exchange.xforce.ibmcloud.com/vulnerabilities/49167
psirt@ushttps://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20090305-0_echo_nextapp_xml_injection.txt
af854a3a-2127-422b-91ae-364da2661108http://echo.nextapp.com/site/node/5742
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34218
af854a3a-2127-422b-91ae-364da2661108http://www.exploit-db.com/exploits/8191/
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/501637/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0653
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/49167
af854a3a-2127-422b-91ae-364da2661108https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20090305-0_echo_nextapp_xml_injection.txt

Is Your Infrastructure Affected by CVE-2009-5135?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-5135

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-5135?