RedHat JBoss Data Virtualization XML External Entity Vulnerability (CVE-2014-0171)
2016年5月31日
危険度: 緊急
情報公開日: 5 31, 2016
概要
XML external entity (XXE) vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a crafted request to a REST endpoint.
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1005839