CVE-2013-1821
CVE-2013-1821
lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702525http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-04/msg00015.htmlhttp://lists.opensuse.org/opensuse-updates/2013-04/msg00034.htmlhttp://lists.opensuse.org/opensuse-updates/2013-04/msg00036.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0611.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0612.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1028.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1147.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=914716http://secunia.com/advisories/52783http://secunia.com/advisories/52902