oval:org.mitre.oval:def:9847

Definition Id: oval:org.mitre.oval:def:9847

Oval ID:	oval:org.mitre.oval:def:9847
Title:	The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity references even when the "external general entities" property is false, which allows remote attackers to conduct XML external entity (XXE) attacks and cause a denial of service or access restricted resources.
Description:	The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity references even when the "external general entities" property is false, which allows remote attackers to conduct XML external entity (XXE) attacks and cause a denial of service or access restricted resources.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2008-0628	Version:	3
Platform(s):	Red Hat Enterprise Linux Extras 5	Product(s):
Definition Synopsis:
redhat-release is version 5 AND java-1.6.0-bea-demo is earlier than 1:1.6.0.03-1jpp.2.el5 AND java-1.6.0-bea-devel is earlier than 1:1.6.0.03-1jpp.2.el5 AND java-1.6.0-bea is earlier than 1:1.6.0.03-1jpp.2.el5 AND java-1.6.0-bea-src is earlier than 1:1.6.0.03-1jpp.2.el5 AND java-1.6.0-bea-missioncontrol is earlier than 1:1.6.0.03-1jpp.2.el5 AND java-1.6.0-bea-jdbc is earlier than 1:1.6.0.03-1jpp.2.el5