MidnightBSD

Advisories for castor_project

CVE-2014-3004 MEDIUM

The default configuration for the Xerces SAX Parser in Castor before 1.3.3 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XML document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-611,

Products Affected

Vendor Product Version
opensuse_project opensuse 12.3
castor_project castor 1.3.1
castor_project castor 1.3
opensuse opensuse 13.1
castor_project castor *