CVE Vulnerabilities

CVE-2012-4063

Published: Oct 01, 2012 | Modified: Aug 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The Apache Santuario configuration in Eucalyptus before 3.1.1 does not properly restrict applying XML Signature transforms to documents, which allows remote attackers to cause a denial of service via unspecified vectors.

Affected Software

Name Vendor Start Version End Version
Eucalyptus Eucalyptus 1.1 1.1
Eucalyptus Eucalyptus 1.6 1.6
Eucalyptus Eucalyptus 3.0.1 3.0.1
Eucalyptus Eucalyptus 1.5.2 1.5.2
Eucalyptus Eucalyptus 1.2 1.2
Eucalyptus Eucalyptus 1.5.1 1.5.1
Eucalyptus Eucalyptus 3.1.1 3.1.1
Eucalyptus Eucalyptus 2.0.3 2.0.3
Eucalyptus Eucalyptus 2.0 2.0
Eucalyptus Eucalyptus 3.0 3.0
Eucalyptus Eucalyptus 1.4 1.4
Eucalyptus Eucalyptus 2.0.0 2.0.0
Eucalyptus Eucalyptus 2.0.2 2.0.2
Eucalyptus Eucalyptus 1.0 1.0
Eucalyptus Eucalyptus 1.6.2 1.6.2
Eucalyptus Eucalyptus 1.3 1.3
Eucalyptus Eucalyptus 2.0.1 2.0.1
Eucalyptus Eucalyptus * 3.1.0

References