CVE-2013-4002 (GCVE-0-2013-4002)
Vulnerability from cvelistv5
Published
2013-07-23 10:00
Modified
2024-08-06 16:30
Severity ?
CWE
  • n/a
Summary
XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names.
References
psirt@us.ibm.com http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html Broken Link, Mailing List
psirt@us.ibm.com http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html Third Party Advisory
psirt@us.ibm.com http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html Third Party Advisory
psirt@us.ibm.com http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html Third Party Advisory
psirt@us.ibm.com http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html Third Party Advisory
psirt@us.ibm.com http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html Third Party Advisory
psirt@us.ibm.com http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html Third Party Advisory
psirt@us.ibm.com http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html Third Party Advisory
psirt@us.ibm.com http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html Third Party Advisory
psirt@us.ibm.com http://marc.info/?l=bugtraq&m=138674031212883&w=2 Issue Tracking, Mailing List, Third Party Advisory
psirt@us.ibm.com http://marc.info/?l=bugtraq&m=138674073720143&w=2 Issue Tracking, Mailing List, Third Party Advisory
psirt@us.ibm.com http://rhn.redhat.com/errata/RHSA-2013-1059.html Broken Link
psirt@us.ibm.com http://rhn.redhat.com/errata/RHSA-2013-1060.html Broken Link
psirt@us.ibm.com http://rhn.redhat.com/errata/RHSA-2013-1081.html Broken Link
psirt@us.ibm.com http://rhn.redhat.com/errata/RHSA-2013-1440.html Broken Link
psirt@us.ibm.com http://rhn.redhat.com/errata/RHSA-2013-1447.html Broken Link
psirt@us.ibm.com http://rhn.redhat.com/errata/RHSA-2013-1451.html Broken Link
psirt@us.ibm.com http://rhn.redhat.com/errata/RHSA-2013-1505.html Broken Link
psirt@us.ibm.com http://rhn.redhat.com/errata/RHSA-2014-1818.html Broken Link
psirt@us.ibm.com http://rhn.redhat.com/errata/RHSA-2014-1821.html Broken Link
psirt@us.ibm.com http://rhn.redhat.com/errata/RHSA-2014-1822.html Broken Link
psirt@us.ibm.com http://rhn.redhat.com/errata/RHSA-2014-1823.html Broken Link
psirt@us.ibm.com http://rhn.redhat.com/errata/RHSA-2015-0675.html Broken Link
psirt@us.ibm.com http://rhn.redhat.com/errata/RHSA-2015-0720.html Broken Link
psirt@us.ibm.com http://rhn.redhat.com/errata/RHSA-2015-0765.html Broken Link
psirt@us.ibm.com http://rhn.redhat.com/errata/RHSA-2015-0773.html Broken Link
psirt@us.ibm.com http://secunia.com/advisories/56257 Third Party Advisory
psirt@us.ibm.com http://security.gentoo.org/glsa/glsa-201406-32.xml Third Party Advisory
psirt@us.ibm.com http://support.apple.com/kb/HT5982 Third Party Advisory
psirt@us.ibm.com http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250&r2=1499506&view=patch Patch, Vendor Advisory
psirt@us.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015 Vendor Advisory
psirt@us.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21644197 Vendor Advisory
psirt@us.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21653371 Vendor Advisory
psirt@us.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21657539 Vendor Advisory
psirt@us.ibm.com http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html Third Party Advisory
psirt@us.ibm.com http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002 Vendor Advisory
psirt@us.ibm.com http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013 Vendor Advisory
psirt@us.ibm.com http://www.ibm.com/support/docview.wss?uid=swg21648172 Broken Link
psirt@us.ibm.com http://www.securityfocus.com/bid/61310 Third Party Advisory, VDB Entry
psirt@us.ibm.com http://www.ubuntu.com/usn/USN-2033-1 Third Party Advisory
psirt@us.ibm.com http://www.ubuntu.com/usn/USN-2089-1 Third Party Advisory
psirt@us.ibm.com https://access.redhat.com/errata/RHSA-2014:0414 Third Party Advisory
psirt@us.ibm.com https://exchange.xforce.ibmcloud.com/vulnerabilities/85260 VDB Entry, Vendor Advisory
psirt@us.ibm.com https://issues.apache.org/jira/browse/XERCESJ-1679 Issue Tracking, Vendor Advisory
psirt@us.ibm.com https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E
psirt@us.ibm.com https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
psirt@us.ibm.com https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E
psirt@us.ibm.com https://www.oracle.com/security-alerts/cpuapr2022.html
psirt@us.ibm.com https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html Broken Link, Mailing List
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://marc.info/?l=bugtraq&m=138674031212883&w=2 Issue Tracking, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://marc.info/?l=bugtraq&m=138674073720143&w=2 Issue Tracking, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2013-1059.html Broken Link
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2013-1060.html Broken Link
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2013-1081.html Broken Link
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2013-1440.html Broken Link
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2013-1447.html Broken Link
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2013-1451.html Broken Link
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2013-1505.html Broken Link
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2014-1818.html Broken Link
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2014-1821.html Broken Link
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2014-1822.html Broken Link
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2014-1823.html Broken Link
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2015-0675.html Broken Link
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2015-0720.html Broken Link
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2015-0765.html Broken Link
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2015-0773.html Broken Link
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/56257 Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://security.gentoo.org/glsa/glsa-201406-32.xml Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://support.apple.com/kb/HT5982 Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250&r2=1499506&view=patch Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www-01.ibm.com/support/docview.wss?uid=swg21644197 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www-01.ibm.com/support/docview.wss?uid=swg21653371 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www-01.ibm.com/support/docview.wss?uid=swg21657539 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.ibm.com/support/docview.wss?uid=swg21648172 Broken Link
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/61310 Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108 http://www.ubuntu.com/usn/USN-2033-1 Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.ubuntu.com/usn/USN-2089-1 Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://access.redhat.com/errata/RHSA-2014:0414 Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/85260 VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 https://issues.apache.org/jira/browse/XERCESJ-1679 Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108 https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108 https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108 https://www.oracle.com/security-alerts/cpuapr2022.html
af854a3a-2127-422b-91ae-364da2661108 https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html Third Party Advisory
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:30:49.315Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IC98015",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
          },
          {
            "name": "RHSA-2013:1060",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
          },
          {
            "name": "RHSA-2014:0414",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2014:0414"
          },
          {
            "name": "GLSA-201406-32",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
          },
          {
            "name": "RHSA-2013:1447",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
          },
          {
            "name": "RHSA-2015:0765",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
          },
          {
            "name": "RHSA-2013:1440",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
          },
          {
            "name": "RHSA-2015:0675",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
          },
          {
            "name": "61310",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/61310"
          },
          {
            "name": "RHSA-2015:0773",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0773.html"
          },
          {
            "name": "RHSA-2015:0720",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
          },
          {
            "name": "SUSE-SU-2013:1257",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
          },
          {
            "name": "USN-2033-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2033-1"
          },
          {
            "name": "USN-2089-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2089-1"
          },
          {
            "name": "SUSE-SU-2013:1256",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
          },
          {
            "name": "HPSBUX02944",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
          },
          {
            "name": "RHSA-2013:1505",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
          },
          {
            "name": "HPSBUX02943",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
          },
          {
            "name": "RHSA-2014:1822",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1822.html"
          },
          {
            "name": "56257",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56257"
          },
          {
            "name": "SUSE-SU-2013:1263",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
          },
          {
            "name": "RHSA-2013:1059",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
          },
          {
            "name": "RHSA-2014:1823",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1823.html"
          },
          {
            "name": "openSUSE-SU-2013:1663",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
          },
          {
            "name": "SUSE-SU-2013:1666",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
          },
          {
            "name": "APPLE-SA-2013-10-15-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
          },
          {
            "name": "SUSE-SU-2013:1293",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
          },
          {
            "name": "RHSA-2013:1081",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
          },
          {
            "name": "[j-users] 20180503 [ANNOUNCEMENT]: Apache Xerces-J 2.12.0 now available",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E"
          },
          {
            "name": "SUSE-SU-2013:1255",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
          },
          {
            "name": "RHSA-2013:1451",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
          },
          {
            "name": "RHSA-2014:1818",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1818.html"
          },
          {
            "name": "RHSA-2014:1821",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1821.html"
          },
          {
            "name": "SUSE-SU-2013:1305",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
          },
          {
            "name": "ibm-java-cve20134002-dos(85260)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260"
          },
          {
            "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"
          },
          {
            "name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21648172"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.apache.org/jira/browse/XERCESJ-1679"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5982"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-07-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-19T23:19:06",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "IC98015",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
        },
        {
          "name": "RHSA-2013:1060",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
        },
        {
          "name": "RHSA-2014:0414",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2014:0414"
        },
        {
          "name": "GLSA-201406-32",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
        },
        {
          "name": "RHSA-2013:1447",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
        },
        {
          "name": "RHSA-2015:0765",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
        },
        {
          "name": "RHSA-2013:1440",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
        },
        {
          "name": "RHSA-2015:0675",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
        },
        {
          "name": "61310",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/61310"
        },
        {
          "name": "RHSA-2015:0773",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0773.html"
        },
        {
          "name": "RHSA-2015:0720",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
        },
        {
          "name": "SUSE-SU-2013:1257",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
        },
        {
          "name": "USN-2033-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2033-1"
        },
        {
          "name": "USN-2089-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2089-1"
        },
        {
          "name": "SUSE-SU-2013:1256",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
        },
        {
          "name": "HPSBUX02944",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
        },
        {
          "name": "RHSA-2013:1505",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
        },
        {
          "name": "HPSBUX02943",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
        },
        {
          "name": "RHSA-2014:1822",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1822.html"
        },
        {
          "name": "56257",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56257"
        },
        {
          "name": "SUSE-SU-2013:1263",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
        },
        {
          "name": "RHSA-2013:1059",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
        },
        {
          "name": "RHSA-2014:1823",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1823.html"
        },
        {
          "name": "openSUSE-SU-2013:1663",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
        },
        {
          "name": "SUSE-SU-2013:1666",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
        },
        {
          "name": "APPLE-SA-2013-10-15-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
        },
        {
          "name": "SUSE-SU-2013:1293",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
        },
        {
          "name": "RHSA-2013:1081",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
        },
        {
          "name": "[j-users] 20180503 [ANNOUNCEMENT]: Apache Xerces-J 2.12.0 now available",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E"
        },
        {
          "name": "SUSE-SU-2013:1255",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
        },
        {
          "name": "RHSA-2013:1451",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
        },
        {
          "name": "RHSA-2014:1818",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1818.html"
        },
        {
          "name": "RHSA-2014:1821",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1821.html"
        },
        {
          "name": "SUSE-SU-2013:1305",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
        },
        {
          "name": "ibm-java-cve20134002-dos(85260)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260"
        },
        {
          "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"
        },
        {
          "name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21648172"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.apache.org/jira/browse/XERCESJ-1679"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5982"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-4002",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IC98015",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
            },
            {
              "name": "RHSA-2013:1060",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
            },
            {
              "name": "RHSA-2014:0414",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2014:0414"
            },
            {
              "name": "GLSA-201406-32",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
            },
            {
              "name": "RHSA-2013:1447",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
            },
            {
              "name": "RHSA-2015:0765",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
            },
            {
              "name": "RHSA-2013:1440",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
            },
            {
              "name": "RHSA-2015:0675",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
            },
            {
              "name": "61310",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/61310"
            },
            {
              "name": "RHSA-2015:0773",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0773.html"
            },
            {
              "name": "RHSA-2015:0720",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
            },
            {
              "name": "SUSE-SU-2013:1257",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
            },
            {
              "name": "USN-2033-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2033-1"
            },
            {
              "name": "USN-2089-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2089-1"
            },
            {
              "name": "SUSE-SU-2013:1256",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
            },
            {
              "name": "HPSBUX02944",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
            },
            {
              "name": "RHSA-2013:1505",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
            },
            {
              "name": "HPSBUX02943",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
            },
            {
              "name": "RHSA-2014:1822",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1822.html"
            },
            {
              "name": "56257",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56257"
            },
            {
              "name": "SUSE-SU-2013:1263",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
            },
            {
              "name": "RHSA-2013:1059",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
            },
            {
              "name": "RHSA-2014:1823",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1823.html"
            },
            {
              "name": "openSUSE-SU-2013:1663",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
            },
            {
              "name": "SUSE-SU-2013:1666",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
            },
            {
              "name": "APPLE-SA-2013-10-15-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
            },
            {
              "name": "SUSE-SU-2013:1293",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
            },
            {
              "name": "RHSA-2013:1081",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
            },
            {
              "name": "[j-users] 20180503 [ANNOUNCEMENT]: Apache Xerces-J 2.12.0 now available",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73@%3Cj-users.xerces.apache.org%3E"
            },
            {
              "name": "SUSE-SU-2013:1255",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
            },
            {
              "name": "RHSA-2013:1451",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
            },
            {
              "name": "RHSA-2014:1818",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1818.html"
            },
            {
              "name": "RHSA-2014:1821",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1821.html"
            },
            {
              "name": "SUSE-SU-2013:1305",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
            },
            {
              "name": "ibm-java-cve20134002-dos(85260)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260"
            },
            {
              "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
            },
            {
              "name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21648172",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21648172"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539"
            },
            {
              "name": "https://issues.apache.org/jira/browse/XERCESJ-1679",
              "refsource": "CONFIRM",
              "url": "https://issues.apache.org/jira/browse/XERCESJ-1679"
            },
            {
              "name": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371"
            },
            {
              "name": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013",
              "refsource": "MISC",
              "url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
            },
            {
              "name": "http://support.apple.com/kb/HT5982",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5982"
            },
            {
              "name": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
              "refsource": "CONFIRM",
              "url": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
            },
            {
              "name": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002"
            },
            {
              "name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html",
              "refsource": "CONFIRM",
              "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-4002",
    "datePublished": "2013-07-23T10:00:00",
    "dateReserved": "2013-06-07T00:00:00",
    "dateUpdated": "2024-08-06T16:30:49.315Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-4002\",\"sourceIdentifier\":\"psirt@us.ibm.com\",\"published\":\"2013-07-23T11:03:19.790\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names.\"},{\"lang\":\"es\",\"value\":\"XMLscanner.java en Apache Xerces2 Java Parser, en versiones anteriores a la 2.12.0, tal y como se emple\u00f3 en Java Runtime Environment (JRE) en IBM Java, en versiones 5.0 anteriores a la 5.0 SR16-FP3, 6 anteriores a la 6 SR14, 6.0.1 anteriores a la 6.0.1 SR6 y 7 anteriores a la 7 SR5, as\u00ed como en Oracle Java SE 7u40 y anteriores, Java SE 6u60 y anteriores, Java SE 5.0u51 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, Java SE Embedded 7u40 y anteriores y, posiblemente, otros productos, permite que los atacantes remotos realicen una denegaci\u00f3n de servicio (DoS) mediante vectores relacionados con los nombres de atributo XML.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:C\",\"baseScore\":7.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:5.0.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03D3F84F-3F6E-4DF1-B162-152293D951EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:5.0.11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A18121C3-F3F1-4EC7-A64E-3F6A0C9788C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:5.0.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAD59912-7325-4AE1-ACCF-D4F804AF3947\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:5.0.11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62783157-E3B6-4A23-8D2F-1FBD0762E9A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:5.0.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14CC0D53-8AB8-4D44-82BB-0E6A974C36AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:5.0.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91A3129F-17A6-4F32-BD5D-34E4A1D1A840\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:5.0.12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2845FF4-2620-4B8D-96CF-CC26B3DEA3C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:5.0.12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC7CD279-54B6-4F6B-AE14-299FB319C690\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:5.0.12.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EA269CA-4676-4008-89EF-20FAB89886A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:5.0.12.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D22105B6-1378-4E1C-B28A-FCAE00A2D5CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:5.0.13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"601762D3-1188-4945-931D-EB8DAC2847A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:5.0.14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA4A30A6-498C-46B8-8EFC-45EB13354EAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:5.0.15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"414CC00A-C797-4C34-8709-75DC061DCDE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:5.0.16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4401B967-0550-44F1-8753-9632120D2A44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:5.0.16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4961693D-F56C-46CD-B721-6A15E2837C17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:5.0.16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA4FBB66-CF6A-42D2-B122-1861F4139E75\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14AD4A87-382A-41F0-96D8-0F0A9B738773\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33701DDF-6882-41D3-A11B-A1F4585A77A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25C58BBA-06AC-40CD-A906-FD1B3B0AAB69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76C5B430-EE11-4674-B4B0-895D66E3B32F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1837D84-6B4F-40D8-9A3F-71C328F659BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D20A369B-2168-4883-A84C-BB48A71AFB33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3628AAB4-E524-46E5-AAF4-1980256F13CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30DC9FE3-CDE9-4F83-989B-4E431BA18B56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C17B1C6B-04CE-49FB-B9BD-98ECD626B26F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F529EB-2BCA-4E3E-93E4-2A9880CDA367\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DEAC3D6-F9F8-4F82-9BF1-FF0EC07A3274\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7694638C-CDAC-44DF-B9F9-F7237CD98017\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23903A3C-1760-4836-BAE6-BDD32CBB4CBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2477E033-D26B-4D71-839B-5FE4B0927559\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1CAB7BF-265E-411D-A584-E78DE171F065\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E45F670-232F-4CE5-8926-6463E5619506\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B70E6E3-15B3-4D48-AE49-B9184A58EECE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5BCE3FD-B89B-4141-8103-9DB941AD60D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EADFB3B-738F-4919-B165-9ECEED46EA6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:6.0.13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B23A5431-E599-4848-AB83-B299898F5EF0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A8BF650-B8F5-467E-8DBF-81788B55F345\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:7.0.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1752A831-916F-4A7D-8AAE-1CEFACC51F91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:7.0.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C9744C4-76BE-428B-AFF2-5BCE00A58322\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:7.0.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48B1DE45-90F9-416B-9087-8AEF5B0A3C46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:7.0.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EF6A045-0DF6-463B-A0DB-6C31D8C2984C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:7.0.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A731493C-9B46-4105-9902-B15BA0E0FB11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:java:7.0.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49454369-A494-4EAA-88D5-181570DEBB4A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.5.0:update51:*:*:*:*:*:*\",\"matchCriteriaId\":\"04C71221-E477-4DF8-B10A-3AC64511E4EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update60:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF7DE0E6-F329-417B-8035-B4EBF9C97483\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update40:*:*:*:*:*:*\",\"matchCriteriaId\":\"220536FA-695D-4DE8-9813-494E3D061B78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.5.0:update51:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACB55CC5-0EC7-44B2-B5A9-A5B1EE584791\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update60:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F6B5E73-6751-475A-B9BF-3414D3476208\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update40:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CB654DC-1D3D-4475-8815-335AC573F54C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"r27.7.0\",\"versionEndIncluding\":\"r27.7.6\",\"matchCriteriaId\":\"DF26274E-5364-4FC1-9603-A78C365596DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"r28.0.0\",\"versionEndIncluding\":\"r28.2.8\",\"matchCriteriaId\":\"583E7A18-48C5-4AEE-A9C1-239D678E275A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:sterling_b2b_integrator:5.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF65201D-8980-450A-A542-3B5473A6F374\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:host_on-demand:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E51D5AEF-B3D4-4782-9988-BC1DB3F3F296\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:host_on-demand:11.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E179FC2F-C700-4998-9D7A-3B945874CAC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:host_on-demand:11.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2341D5E7-15CD-4C8F-ABE8-AA915BFA2804\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:host_on-demand:11.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"474DC3BA-27F2-452A-85AD-BCC476EDD35B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:host_on-demand:11.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"997CA07C-EBB7-4D7F-AF23-A161817BF4A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:host_on-demand:11.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BFE87FC-7B77-4840-8185-1707CB37323B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:host_on-demand:11.0.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C77DD8B3-A227-4350-8699-FEC822119393\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:host_on-demand:11.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FA56704-18EB-4F3B-A36F-BCEF67B07C0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:host_on-demand:11.0.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"420CC5FF-0300-4FA7-AB53-78C1A0B83C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:host_on-demand:11.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7132A0E-C2A1-403E-9516-A6911563D7B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:host_on-demand:11.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F32CA797-ED68-426E-9370-E16C90075E01\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB2F6EF3-721A-43AB-AAFD-BE3EEDB0AA61\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E492C463-D76E-49B7-A4D4-3B499E422D89\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:-:*\",\"matchCriteriaId\":\"F5027746-8216-452D-83C5-2F8E9546F2A5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:sterling_b2b_integrator:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40363692-5283-4D0C-BAE1-C049C02A0294\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:sterling_b2b_integrator:5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F805BA3A-178D-416E-9DED-4258F71A17C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:sterling_file_gateway:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A40AC14-AC2B-4A0D-A9CC-3A00B48D8975\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:sterling_file_gateway:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1554D69E-D68E-46CA-B1F7-C24CAABF58E8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F480AA32-841A-4E68-9343-B2E7548B0A0C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E492C463-D76E-49B7-A4D4-3B499E422D89\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:ibm:i:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C684FC45-C9BA-4EF0-BD06-BB289450DD21\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:-:*\",\"matchCriteriaId\":\"F5027746-8216-452D-83C5-2F8E9546F2A5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D806A17E-B8F9-466D-807D-3F1E77603DC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFBF430B-0832-44B0-AA0E-BA9E467F7668\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*\",\"matchCriteriaId\":\"4339DE06-19FB-4B8E-B6AE-3495F605AD05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ED68ADD-BBDA-4485-BC76-58F011D72311\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_java:10:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CF5C5B9-2CB9-4CD8-B94F-A674ED909CC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_java:11:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"252CF7A7-3FEB-4503-AEE8-B67139C5B0D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_java:11:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"79D7DBBA-6849-45F7-AFEF-C765569C481A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_sdk:11:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C634990-2690-4E3B-B21F-6687A6A34644\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_sdk:11:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"73B7BC23-6CCA-41B2-8F61-EDB95F1AFB1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CD2D897-E321-4CED-92E0-11A98B52053C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"CED02712-1031-4206-AC4D-E68710F46EC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*\",\"matchCriteriaId\":\"D1D7B467-58DD-45F1-9F1F-632620DF072A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*\",\"matchCriteriaId\":\"88D6E858-FD8F-4C55-B7D5-CEEDA2BBA898\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*\",\"matchCriteriaId\":\"DB4D6749-81A1-41D7-BF4F-1C45A7F49A22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*\",\"matchCriteriaId\":\"E534C201-BCC5-473C-AAA7-AAB97CEB5437\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*\",\"matchCriteriaId\":\"2470C6E8-2024-4CF5-9982-CFF50E88EAE9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"01EDA41C-6B2E-49AF-B503-EB3882265C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"CB66DB75-2B16-4EBF-9B93-CE49D8086E41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2076871-2E80-4605-A470-A41C1A8EC7EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFAA48D9-BEB4-4E49-AD50-325C262D46D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F61F047-129C-41A6-8A27-FFCBB8563E91\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:xerces2_java:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4.0\",\"versionEndExcluding\":\"2.12.0\",\"matchCriteriaId\":\"8CFD62E4-794A-43C0-8C65-A44D970D1569\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Broken Link\",\"Mailing List\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1059.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1060.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1081.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1440.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1447.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1451.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1505.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1818.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1821.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1822.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1823.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0675.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0720.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0765.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0773.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/56257\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201406-32.xml\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT5982\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21644197\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21653371\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21657539\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.ibm.com/support/docview.wss?uid=swg21648172\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/61310\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2033-1\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2089-1\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2014:0414\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/85260\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"VDB Entry\",\"Vendor Advisory\"]},{\"url\":\"https://issues.apache.org/jira/browse/XERCESJ-1679\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Mailing List\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1059.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1060.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1081.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1440.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1447.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1451.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1505.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1818.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1821.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1822.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1823.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0675.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0720.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0765.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0773.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/56257\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201406-32.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT5982\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21644197\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21653371\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21657539\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.ibm.com/support/docview.wss?uid=swg21648172\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/61310\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2033-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2089-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2014:0414\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/85260\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"VDB Entry\",\"Vendor Advisory\"]},{\"url\":\"https://issues.apache.org/jira/browse/XERCESJ-1679\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.