IBM WebSphere Commerce 7.0 Feature Pack 4 through 8 allows remote attackers to read arbitrary files and possibly obtain administrative privileges via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ibm
Published: 2015-03-13T01:00:00
Updated: 2015-03-16T17:57:01
Reserved: 2014-11-18T00:00:00
Link: CVE-2015-0133
JSON object: View
NVD Information
Status : Analyzed
Published: 2015-03-13T01:59:25.647
Modified: 2015-09-11T15:45:40.367
Link: CVE-2015-0133
JSON object: View
Redhat Information
No data.
CWE