CVE-2013-4069

Currently unrated

Key Information:

Vendor: IBM
Status: Spss Collaboration And Deployment Services
Vendor: CVE Published:; 21 December 2013

Summary

The Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21660191

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg1PM95817

vendor-advisoryx_refsource_AIXAPAR

https://exchange.xforce.ibmcloud.com/vulnerabilities/86621

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 21, 2013
Vulnerability Reserved
Jun 7, 2013