Multiple cross-site scripting (XSS) vulnerabilities in SpringSource tc Server 6.0.20.B and earlier, Application Management Suite (AMS) before 2.0.0.SR4, Hyperic HQ Open Source before 4.2.x, Hyperic HQ 4.0 Enterprise before 4.0.3.2, and Hyperic HQ 4.1 Enterprise before 4.1.2.1 allow remote attackers to inject arbitrary web script or HTML via the description field and unspecified "input fields."
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| springsource | tc_server | * |
| springsource | hyperic_hq | * |
| springsource | application_management_suite | * |
SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | fusion_middleware | 7.6.2 |
| springsource | spring_framework | 2.5.0 |
| oracle | fusion_middleware | 11.1.1.6.1 |
| springsource | spring_framework | 3.0.2 |
| springsource | spring_framework | 2.5.4 |
| springsource | spring_framework | 2.5.6 |
| springsource | spring_framework | 3.0.1 |
| springsource | spring_framework | 2.5.1 |
| springsource | spring_framework | 2.5.7 |
| springsource | spring_framework | 3.0.0 |
| oracle | fusion_middleware | 11.1.1.8.0 |
| springsource | spring_framework | 2.5.2 |
| springsource | spring_framework | 2.5.3 |
| springsource | spring_framework | 2.5.5 |
The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| vmware | spring_framework | 3.2.2 |
| vmware | spring_framework | * |
| vmware | spring_framework | 3.0.7 |
| vmware | spring_framework | 3.0.6 |
| vmware | spring_framework | 3.1.2 |
| springsource | spring_framework | 3.0.2 |
| vmware | spring_framework | 4.0.0 |
| springsource | spring_framework | 3.0.0.m1 |
| springsource | spring_framework | 3.0.5 |
| springsource | spring_framework | 3.0.1 |
| vmware | spring_framework | 3.2.0 |
| vmware | spring_framework | 3.1.4 |
| springsource | spring_framework | 3.0.0.m2 |
| springsource | spring_framework | 3.0.4 |
| springsource | spring_framework | 3.0.0 |
| vmware | spring_framework | 3.1.1 |
| vmware | spring_framework | 3.2.1 |
| vmware | spring_framework | 3.1.3 |
| vmware | spring_framework | 3.1.0 |
| springsource | spring_framework | 3.0.3 |
The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML with JAXB, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152. NOTE: this issue was SPLIT from CVE-2013-4152 due to different affected versions.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| vmware | spring_framework | 3.2.2 |
| vmware | spring_framework | * |
| vmware | spring_framework | 3.0.7 |
| vmware | spring_framework | 3.0.6 |
| vmware | spring_framework | 3.1.2 |
| springsource | spring_framework | 3.0.2 |
| vmware | spring_framework | 4.0.0 |
| springsource | spring_framework | 3.0.0.m1 |
| springsource | spring_framework | 3.0.5 |
| springsource | spring_framework | 3.0.1 |
| vmware | spring_framework | 3.2.0 |
| vmware | spring_framework | 3.1.4 |
| springsource | spring_framework | 3.0.0.m2 |
| springsource | spring_framework | 3.0.4 |
| springsource | spring_framework | 3.0.0 |
| vmware | spring_framework | 3.1.1 |
| vmware | spring_framework | 3.2.1 |
| vmware | spring_framework | 3.1.3 |
| vmware | spring_framework | 3.1.0 |
| springsource | spring_framework | 3.0.3 |
The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4152, CVE-2013-7315, and CVE-2013-6429.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| vmware | spring_framework | 3.2.2 |
| vmware | spring_framework | * |
| vmware | spring_framework | 3.1.2 |
| vmware | spring_framework | 3.2.4 |
| springsource | spring_framework | 3.0.4 |
| vmware | spring_framework | 3.1.1 |
| vmware | spring_framework | 3.2.1 |
| springsource | spring_framework | 4.0.1 |
| vmware | spring_framework | 3.2.3 |
| vmware | spring_framework | 3.1.0 |
| vmware | spring_framework | 3.0.7 |
| vmware | spring_framework | 3.0.6 |
| springsource | spring_framework | 3.0.2 |
| vmware | spring_framework | 4.0.0 |
| springsource | spring_framework | 3.0.0.m1 |
| springsource | spring_framework | 3.0.5 |
| springsource | spring_framework | 3.0.1 |
| vmware | spring_framework | 3.2.0 |
| springsource | spring_framework | 3.2.5 |
| vmware | spring_framework | 3.1.4 |
| springsource | spring_framework | 3.0.0.m2 |
| springsource | spring_framework | 3.0.0 |
| springsource | spring_framework | 3.2.6 |
| vmware | spring_framework | 3.1.3 |
| springsource | spring_framework | 4.0.0 |
| springsource | spring_framework | 3.0.3 |