oVirt Engine CVE-2014-3573 XML External Entity Information Disclosure Vulnerability

Bugtraq ID:	69665
Class:	Design Error
CVE:	CVE-2014-3573
Remote:	Yes
Local:	No
Published:	Sep 01 2014 12:00AM
Updated:	Sep 01 2014 12:00AM
Credit:	Arun Babu Neelicattu of Red Hat.
Vulnerable:	Redhat Enterprise Virtualization 3.4 oVirt Engine 0
Not Vulnerable:

oVirt Engine CVE-2014-3573 XML External Entity Information Disclosure Vulnerability

oVirt Engine is prone to an information-disclosure vulnerability.

An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks.

oVirt Engine CVE-2014-3573 XML External Entity Information Disclosure Vulnerability

An attacker can exploit this issue using a web browser.