CVE-2010-1632
published 2010-06-22CVE-2010-1632: Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32…
PriorityP350high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
22.37%
97.4th percentile
Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to the Synapse SimpleStockQuoteService.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | axis2 | <= 1.5.1 | — |
| apache | axis2 | — | — |
| apache | axis2 | — | — |
| apache | axis2 | — | — |
| apache | axis2 | — | — |
| apache | cxf | >= 2.0.6 < 2.0.13 | 2.0.13 |
| apache | cxf | >= 2.1 < 2.1.10 | 2.1.10 |
| apache | cxf | >= 2.2.0 < 2.2.9 | 2.2.9 |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
ghsa7.5HIGH
osv7.5HIGH
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
CXF: Insufficient constraints on Document Type Declarations (DTDs)
vendor_redhat·2010-06-15·CVSS 7.5
CVE-2010-2076 [HIGH] CXF: Insufficient constraints on Document Type Declarations (DTDs)
CXF: Insufficient constraints on Document Type Declarations (DTDs)
Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue to CVE-2010-1632.
Statement: Not Vulnerable. This issue does not affect the versions of Apache CXF as shipped with various Red Hat products.
Package: CXF (Red Hat JBoss SOA Platform 5) - Not affected
Red Hat
Axis2: Does not properly reject DTDs in SOAP messages
vendor_redhat·2009-07-23·CVSS 7.5
CVE-2010-1632 [HIGH] Axis2: Does not properly reject DTDs in SOAP messages
Axis2: Does not properly reject DTDs in SOAP messages
Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to the Synapse SimpleStockQuoteService.
GHSA
Improper Input Validation in Apache Axis2
ghsa·2022-05-17
CVE-2010-1632 [HIGH] CWE-20 Improper Input Validation in Apache Axis2
Improper Input Validation in Apache Axis2
Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to the Synapse SimpleStockQuoteService.
OSV
Improper Input Validation in Apache Axis2
osv·2022-05-17
CVE-2010-1632 [HIGH] Improper Input Validation in Apache Axis2
Improper Input Validation in Apache Axis2
Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to the Synapse SimpleStockQuoteService.
GHSA
Improper Input Validation in Apache CXF
ghsa·2022-05-13·CVSS 7.5
CVE-2010-2076 [HIGH] CWE-20 Improper Input Validation in Apache CXF
Improper Input Validation in Apache CXF
Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue to CVE-2010-1632.
OSV
Improper Input Validation in Apache CXF
osv·2022-05-13·CVSS 7.5
CVE-2010-2076 [HIGH] Improper Input Validation in Apache CXF
Improper Input Validation in Apache CXF
Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue to CVE-2010-1632.
No detection rules found.
No public exploits indexed.
http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.htmlhttp://geronimo.apache.org/21x-security-report.htmlhttp://geronimo.apache.org/22x-security-report.htmlhttp://markmail.org/message/e4yiij7lfexastvlhttp://secunia.com/advisories/40252http://secunia.com/advisories/40279http://secunia.com/advisories/41016http://secunia.com/advisories/41025http://www-01.ibm.com/support/docview.wss?uid=swg21433581http://www-1.ibm.com/support/docview.wss?uid=swg1PM14765http://www-1.ibm.com/support/docview.wss?uid=swg1PM14844http://www-1.ibm.com/support/docview.wss?uid=swg1PM14847http://www.securitytracker.com/id/1036901http://www.vupen.com/english/advisories/2010/1528http://www.vupen.com/english/advisories/2010/1531https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289984https://issues.apache.org/jira/browse/AXIS2-4450https://issues.apache.org/jira/browse/GERONIMO-5383https://svn.apache.org/repos/asf/axis/axis2/java/core/security/CVE-2010-1632.pdfhttp://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.htmlhttp://geronimo.apache.org/21x-security-report.htmlhttp://geronimo.apache.org/22x-security-report.htmlhttp://markmail.org/message/e4yiij7lfexastvlhttp://secunia.com/advisories/40252http://secunia.com/advisories/40279http://secunia.com/advisories/41016http://secunia.com/advisories/41025http://www-01.ibm.com/support/docview.wss?uid=swg21433581http://www-1.ibm.com/support/docview.wss?uid=swg1PM14765http://www-1.ibm.com/support/docview.wss?uid=swg1PM14844http://www-1.ibm.com/support/docview.wss?uid=swg1PM14847http://www.securitytracker.com/id/1036901http://www.vupen.com/english/advisories/2010/1528http://www.vupen.com/english/advisories/2010/1531https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289984https://issues.apache.org/jira/browse/AXIS2-4450https://issues.apache.org/jira/browse/GERONIMO-5383https://svn.apache.org/repos/asf/axis/axis2/java/core/security/CVE-2010-1632.pdf
2010-06-22
Published