Vulnerability CVE-2010-3260


Published: 2011-04-26   Modified: 2012-02-13

Description:
oxf/xml/xerces/XercesSAXParserFactoryImpl.java in the xforms-server component in the XForms service in Orbeon Forms before 3.9 does not properly restrict DTDs in Ajax requests, which allows remote attackers to read arbitrary files or send HTTP requests to intranet servers via an entity declaration in conjunction with an entity reference, related to an "XML injection" issue.
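The defence for this class of bug is to configure the SAX parser so that a DOCTYPE in the Ajax request body is rejected before any entity it declares can be dereferenced. The following Java class is an added example, not code from the CVE record or from Orbeon's own XercesSAXParserFactoryImpl: it builds such a factory with the standard Xerces/SAX feature URIs and checks that a constructed request carrying an entity declaration plus an entity reference is refused while a plain document still parses. The class and method names, and the "file:///PLACEHOLDER" URI, are assumptions.

```java
import java.io.StringReader;
import javax.xml.parsers.SAXParser;
import javax.xml.parsers.SAXParserFactory;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
import org.xml.sax.helpers.DefaultHandler;

public class HardenedSaxParser {

    // Standard feature URIs understood by Xerces and the JDK's bundled parser.
    private static final String DISALLOW_DOCTYPE =
        "http://apache.org/xml/features/disallow-doctype-decl";
    private static final String EXTERNAL_GENERAL =
        "http://xml.org/sax/features/external-general-entities";
    private static final String EXTERNAL_PARAMETER =
        "http://xml.org/sax/features/external-parameter-entities";
    private static final String LOAD_EXTERNAL_DTD =
        "http://apache.org/xml/features/nonvalidating/load-external-dtd";

    /** Factory configured so inline DTDs and external entities are never processed. */
    public static SAXParserFactory hardenedFactory() throws Exception {
        SAXParserFactory f = SAXParserFactory.newInstance();
        f.setFeature(DISALLOW_DOCTYPE, true);    // reject any <!DOCTYPE ...> outright
        f.setFeature(EXTERNAL_GENERAL, false);   // defence in depth should a DOCTYPE ever be allowed
        f.setFeature(EXTERNAL_PARAMETER, false);
        f.setFeature(LOAD_EXTERNAL_DTD, false);
        f.setXIncludeAware(false);               // XInclude is another path to remote resources
        return f;
    }

    /** Returns true if the document parsed, false if the parser rejected it. */
    public static boolean parses(SAXParserFactory f, String xml) throws Exception {
        SAXParser p = f.newSAXParser();
        try {
            p.parse(new InputSource(new StringReader(xml)), new DefaultHandler());
            return true;
        } catch (SAXException e) {               // disallow-doctype-decl raises SAXParseException
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: a request body with an entity declaration and a reference to it.
        // "file:///PLACEHOLDER" is a stand-in, not a real path.
        String withDtd = "<?xml version=\"1.0\"?>"
            + "<!DOCTYPE r [<!ENTITY ext SYSTEM \"file:///PLACEHOLDER\">]>"
            + "<r>&ext;</r>";
        String plain = "<r>hello</r>";
        SAXParserFactory f = hardenedFactory();
        System.out.println("plain document parsed: " + parses(f, plain));
        System.out.println("DTD document parsed:   " + parses(f, withDtd));
    }
}
```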

Type: CWE-264 (Permissions, Privileges, and Access Controls)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:N)

CVSS Base Score:         6.4/10
Impact Subscore:         4.9/10
Exploitability Subscore: 10/10

Exploit range:           Remote
Attack complexity:       Low
Authentication:          Not required

Confidentiality impact:  Partial
Integrity impact:        Partial
Availability impact:     None
Affected software: Orbeon -> Forms

References:
https://github.com/orbeon/orbeon-forms/commit/aba6681660f65af7f1676434da68c10298c30200
http://wiki.orbeon.com/forms/doc/developer-guide/release-notes/39
http://www.stratsec.net/Research/Advisories/Orbeon-Forms-XML-Entity-Dereferencing-%28SS-2011-004
http://www.securityfocus.com/bid/47362

Copyright 2024, cxsecurity.com
