CVE-2010-2076

CRITICAL

Apache Cxf < 2.0.13 - Denial of Service

Title source: rule

Description

Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue to CVE-2010-1632.

References (16)

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/42492

[Vendor Advisory] http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html

[Exploit, Vendor Advisory] http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf

[Broken Link, Vendor Advisory] http://secunia.com/advisories/41025

[Release Notes, Vendor Advisory] http://geronimo.apache.org/22x-security-report.html

[Broken Link, Vendor Advisory] http://secunia.com/advisories/41016

[Third Party Advisory] https://issues.apache.org/jira/browse/GERONIMO-5383

[Broken Link] http://www.listware.net/201006/cxf-users/60160-important-apache-cxf-security-advisory-cve-2010-2076.html

[Release Notes, Vendor Advisory] http://geronimo.apache.org/21x-security-report.html

[Broken Link, Vendor Advisory] http://secunia.com/advisories/40969

[Mailing List, Patch] https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E

[Mailing List, Patch] https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E

[Mailing List, Patch] https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E

[Mailing List, Patch] https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E

[Mailing List, Patch] https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E

[Mailing List, Patch] https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E

Scores

CVSS v3 9.8

EPSS 0.1195

EPSS Percentile 93.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-829

Status published

Products (2)

apache/cxf 2.0.6 - 2.0.13

org.apache.cxf/cxf-rt-frontend-jaxrs 2.0.0 - 2.0.13Maven

Published Aug 19, 2010

Tracked Since Feb 18, 2026