CVE-2014-0107
Published 2014-04-15
CVE-2014-0107: The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled…
Priority: P354 · high
CVSS 2.0: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
EPSS: 13.70% (96.0th percentile)
The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function.
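As an added illustration of the defensive side of this record (not code from Apache, Debian or any of the advisories collected here), the Java class below builds a Xalan TransformerFactory that refuses to run on a release older than the fixed 2.7.2, enables FEATURE_SECURE_PROCESSING, and additionally denies external DTD and stylesheet access through the JAXP 1.5 attributes and a URIResolver that blocks every external reference. The version gate relies on Xalan's org.apache.xalan.Version class, and whether a given Xalan build accepts the ACCESS_EXTERNAL_* attributes is assumed rather than taken from the page, so the code fails closed when the implementation rejects them.

```java
import java.io.StringReader;
import java.io.StringWriter;
import javax.xml.XMLConstants;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerConfigurationException;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.stream.StreamResult;
import javax.xml.transform.stream.StreamSource;

/**
 * Hardened Xalan TransformerFactory set-up (added example, not from the page's sources).
 * Assumes the Xalan-Java jar (org.apache.xalan.*) is on the classpath.
 */
public final class HardenedXalan {

    /** First Xalan-Java release in which CVE-2014-0107 is fixed, per the advisory text. */
    static final int[] FIXED = {2, 7, 2};

    /**
     * Refuse to run on a Xalan build older than 2.7.2. Uses the static accessors of
     * org.apache.xalan.Version (assumed API; the class ships with Xalan-Java).
     */
    static void requireFixedXalan() {
        int[] have = {
            org.apache.xalan.Version.getMajorVersionNum(),
            org.apache.xalan.Version.getReleaseVersionNum(),
            org.apache.xalan.Version.getMaintenanceVersionNum()
        };
        for (int i = 0; i < FIXED.length; i++) {
            if (have[i] > FIXED[i]) {
                return; // newer than the fixed release
            }
            if (have[i] < FIXED[i]) {
                throw new IllegalStateException("Xalan " + org.apache.xalan.Version.getVersion()
                    + " is affected by CVE-2014-0107; upgrade to 2.7.2 or later");
            }
        }
    }

    static TransformerFactory newFactory() throws TransformerConfigurationException {
        requireFixedXalan();
        // Pin the Xalan processor explicitly instead of relying on JAXP service lookup, so the
        // version check above and the factory actually in use refer to the same implementation.
        TransformerFactory tf = TransformerFactory.newInstance(
            "org.apache.xalan.processor.TransformerFactoryImpl", null);
        tf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        // JAXP 1.5 attributes: an empty protocol list denies all external access.
        // Older builds that do not recognise the attributes throw IllegalArgumentException;
        // treat that as a configuration failure rather than silently running without the limit.
        try {
            tf.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
            tf.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "");
        } catch (IllegalArgumentException e) {
            throw new TransformerConfigurationException(
                "XSLT implementation does not support JAXP 1.5 external-access restrictions", e);
        }
        // document(), xsl:include and xsl:import go through the URIResolver; refuse all of them.
        tf.setURIResolver((href, base) -> {
            throw new TransformerException("external reference blocked: " + href);
        });
        return tf;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample stylesheet with no external references, used only to exercise the factory.
        String xslt = "<xsl:stylesheet version=\"1.0\" xmlns:xsl=\"http://www.w3.org/1999/XSL/Transform\">"
            + "<xsl:template match=\"/\"><out><xsl:value-of select=\"/doc\"/></out></xsl:template>"
            + "</xsl:stylesheet>";
        Transformer t = newFactory().newTransformer(new StreamSource(new StringReader(xslt)));
        StringWriter out = new StringWriter();
        t.transform(new StreamSource(new StringReader("<doc>hello</doc>")), new StreamResult(out));
        System.out.println(out);
    }
}
```

FEATURE_SECURE_PROCESSING on its own is exactly the control this CVE bypassed on 2.7.1, so the version gate is the operative fix; the attribute settings and the blocking resolver are defence in depth against stylesheets that reach for external resources by other routes.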
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | xalan-java | <= 2.7.1 | — |
| debian | libxalan2-java | < libxalan2-java 2.7.1-9 (bookworm) | libxalan2-java 2.7.1-9 (bookworm) |
| oracle | webcenter_sites | — | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| osv | — | 7.5 | HIGH | — |
| vendor_debian | — | 7.5 | HIGH | — |
| vendor_redhat | — | 7.5 | HIGH | — |
OSV
Improper Authorization in Apache Xalan-Java
osv · 2022-05-13 · CVE-2014-0107 [HIGH]
GHSA
Improper Authorization in Apache Xalan-Java
ghsa · 2022-05-13 · CVE-2014-0107 [HIGH] · CWE-285
OSV
CVE-2014-0107: The TransformerFactory in Apache Xalan-Java before 2
osv · 2014-04-15 · CVSS 7.5 · CVE-2014-0107 [HIGH]
Ubuntu
Xalan-Java vulnerability
vendor_ubuntu · 2014-05-21 · CVE-2014-0107
Title: Xalan-Java vulnerability
Summary: Xalan-Java could be made to load arbitrary classes or access external resources.
Nicolas Gregoire discovered that Xalan-Java incorrectly handled certain properties when the secure processing feature was enabled. An attacker could possibly use this issue to load arbitrary classes or access external resources.
Instructions: After a standard system update you need to reboot your computer to make all the necessary changes.
Red Hat
Xalan-Java: insufficient constraints in secure processing feature
vendor_redhat · 2014-03-24 · CVSS 7.5 · CVE-2014-0107 [HIGH] · CWE-358
It was found that the secure processing feature of Xalan-Java had insufficient restrictions defined for certain properties and features. A remote attacker able to provide Extensible Stylesheet Language Transformations (XSLT) content to be processed by an application
Debian
CVE-2014-0107: libxalan2-java - The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restr...
vendor_debian · 2014 · CVSS 7.5 · CVE-2014-0107 [HIGH]
Scope: local
bookworm: resolved (fixed in 2.7.1-9)
bullseye: resolved (fixed in 2.7.1-9)
forky: resolved (fixed in 2.7.1-9)
sid: resolved (fixed in 2.7.1-9)
trixie: resolved (fixed in 2.7.1-9)
No detection rules found.
References
http://rhn.redhat.com/errata/RHSA-2014-0348.html
http://rhn.redhat.com/errata/RHSA-2014-1351.html
http://rhn.redhat.com/errata/RHSA-2015-1888.html
http://secunia.com/advisories/57563
http://secunia.com/advisories/59036
http://secunia.com/advisories/59151
http://secunia.com/advisories/59247
http://secunia.com/advisories/59290
http://secunia.com/advisories/59291
http://secunia.com/advisories/59369
http://secunia.com/advisories/59515
http://secunia.com/advisories/59711
http://secunia.com/advisories/60502
http://svn.apache.org/viewvc?view=revision&revision=1581058
http://www-01.ibm.com/support/docview.wss?uid=swg21674334
http://www-01.ibm.com/support/docview.wss?uid=swg21676093
http://www-01.ibm.com/support/docview.wss?uid=swg21677145
http://www-01.ibm.com/support/docview.wss?uid=swg21680703
http://www-01.ibm.com/support/docview.wss?uid=swg21681933
http://www.debian.org/security/2014/dsa-2886
http://www.ibm.com/support/docview.wss?uid=swg21677967
http://www.ocert.org/advisories/ocert-2014-002.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
http://www.securityfocus.com/bid/66397
http://www.securitytracker.com/id/1034711
http://www.securitytracker.com/id/1034716
https://exchange.xforce.ibmcloud.com/vulnerabilities/92023
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755
https://issues.apache.org/jira/browse/XALANJ-2435
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r0c00afcab8f238562e27b3ae7b8af1913c62bc60838fb8b34c19e26b%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r2900489bc665a2e32d021bb21f6ce2cb8e6bb5973490eebb9a346bca%40%3Cdev.tomcat.apache.org%3E
https://security.gentoo.org/glsa/201604-02
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.tenable.com/security/tns-2018-15