Restlet Framework XML External Entity Information Disclosure Vulnerability
BID:53713
Info
Restlet Framework XML External Entity Information Disclosure Vulnerability
| Bugtraq ID: | 53713 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 29 2012 12:00AM |
| Updated: | May 29 2012 12:00AM |
| Credit: | Nicolas Grégoire |
| Vulnerable: |
Restlet Restlet Framework 2.0.13 |
| Not Vulnerable: |
Restlet Restlet Framework 2.1 RC5 Restlet Restlet Framework 2.1 RC4 Restlet Restlet Framework 2.0.14 |
Discussion
Restlet Framework XML External Entity Information Disclosure Vulnerability
Restlet Framework is prone to an information-disclosure vulnerability. This issue is vulnerable to XML External Entity attacks.
An attackers can exploit this issue to gain access to sensitive information; this may lead to further attacks.
Restlet Framework is prone to an information-disclosure vulnerability. This issue is vulnerable to XML External Entity attacks.
An attackers can exploit this issue to gain access to sensitive information; this may lead to further attacks.
Exploit / POC
Restlet Framework XML External Entity Information Disclosure Vulnerability
An attacker can exploit this issue using readily available tools.
An attacker can exploit this issue using readily available tools.
Solution / Fix
Restlet Framework XML External Entity Information Disclosure Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
Restlet Framework XML External Entity Information Disclosure Vulnerability
References:
References:
- Restlet Framework 2.1 RC5 and 2.0.14 released (Restlet )
- Restlet Framework Homepage (Restlet)