Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0110

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2014-0110
Last Modified 22 Apr 2015 09:59:17
Published 08 May 2014 10:29:13
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-0110

Summary

Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote attackers to cause a denial of service (/tmp disk consumption) via a large invalid SOAP message.

Vulnerable Systems

Application

  • Apache Cxf 2.4.0

  • Apache Cxf 2.4.1

  • Apache Cxf 2.4.2

  • Apache Cxf 2.4.3

  • Apache Cxf 2.4.4

  • Apache Cxf 2.4.5

  • Apache Cxf 2.4.6

  • Apache Cxf 2.4.7

  • Apache Cxf 2.5.0

  • Apache Cxf 2.5.1

  • Apache Cxf 2.5.2

  • Apache Cxf 2.5.3

  • Apache Cxf 2.5.4

  • Apache Cxf 2.5.5

  • Apache Cxf 2.5.6

  • Apache Cxf 2.5.7

  • Apache Cxf 2.5.8

  • Apache Cxf 2.5.9

  • Apache Cxf 2.6.0

  • Apache Cxf 2.6.1

  • Apache Cxf 2.6.10

  • Apache Cxf 2.6.11

  • Apache Cxf 2.6.12

  • Apache Cxf 2.6.13

  • Apache Cxf 2.6.2

  • Apache Cxf 2.6.3

  • Apache Cxf 2.6.4

  • Apache Cxf 2.6.5

  • Apache Cxf 2.6.6

  • Apache Cxf 2.6.7

  • Apache Cxf 2.6.8

  • Apache Cxf 2.6.9

  • Apache Cxf 2.7.0

  • Apache Cxf 2.7.1

  • Apache Cxf 2.7.10

  • Apache Cxf 2.7.2

  • Apache Cxf 2.7.3

  • Apache Cxf 2.7.4

  • Apache Cxf 2.7.5

  • Apache Cxf 2.7.6

  • Apache Cxf 2.7.7

  • Apache Cxf 2.7.8

  • Apache Cxf 2.7.9


References

SECTRACK - 1030202

CONFIRM - http://cxf.apache.org/security-advisories.data/CVE-2014-0110.txt.asc?version=1&modificationDate=1398873378628&api=v2

REDHAT - RHSA-2014:1351

REDHAT - RHSA-2015:0851

REDHAT - RHSA-2015:0850


Last Updated: 27 May 2016 11:08:33