CVE-2009-2625: Apache Xerces 安全漏洞

获取后续新漏洞提醒登录后订阅

一、漏洞 CVE-2009-2625 基础信息

漏洞信息

对漏洞内容有疑问？看看神龙的深度分析是否有帮助！

查看神龙十问 ↗

尽管我们使用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性，但请您根据实际情况进行核实和判断。

漏洞

N/A

来源: 美国国家漏洞数据库 NVD

漏洞信息

XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.

来源: 美国国家漏洞数据库 NVD

漏洞信息

N/A

来源: 美国国家漏洞数据库 NVD

漏洞

N/A

来源: 美国国家漏洞数据库 NVD

漏洞

Apache Xerces 安全漏洞

来源: 中国国家信息安全漏洞库 CNNVD

漏洞信息

Xerces是一个由Apache组织所推动的一项XML文档解析开源项目。 Apache Xerces2 Java（使用在Sun Java Runtime Environment (JRE)）中的XMLScanner.java文件存在安全漏洞。该漏洞源于网络系统或产品缺乏有效的权限许可和访问控制措施。以下产品及版本受到影响：JDK 6 Update 15之前版本；JRE 6 Update 15之前版本；JDK 5.0 Update 20之前版本；JRE 5.0 Update 20之前版本。

来源: 中国国家信息安全漏洞库 CNNVD

漏洞信息

N/A

来源: 中国国家信息安全漏洞库 CNNVD

漏洞

N/A

来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商	产品	影响版本	CPE	订阅
-	n/a	n/a	-

二、漏洞 CVE-2009-2625 的公开POC

#	POC 描述	源链接	神龙链接

AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2009-2625 的情报信息

第登录三、漏洞 %(cve_id)s 的情报信息

http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=512921x_refsource_CONFIRM
http://www.cert.fi/en/reports/2009/vulnerability2009085.htmlx_refsource_MISC
http://www.networkworld.com/columnists/2009/080509-xml-flaw.htmlx_refsource_MISC
http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.htmlx_refsource_CONFIRM
http://www.codenomicon.com/labs/xml/x_refsource_MISC
http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=572055&r2=787352&pathrev=787353&diff_format=hx_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2009-0016.htmlx_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.htmlx_refsource_CONFIRM
http://secunia.com/advisories/37300third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/38342third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/36176third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/37671third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/50549third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/37754third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/37460third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/36199third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/35958vdb-entryx_refsource_BID
http://secunia.com/advisories/36162third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/43300third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/38231third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/36180third-party-advisoryx_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263489-1vendor-advisoryx_refsource_SUNALERT
http://sunsolve.sun.com/search/document.do?assetkey=1-66-272209-1vendor-advisoryx_refsource_SUNALERT
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021506.1-1vendor-advisoryx_refsource_SUNALERT
http://www.securitytracker.com/id?1022680vdb-entryx_refsource_SECTRACK
http://www.debian.org/security/2010/dsa-1984vendor-advisoryx_refsource_DEBIAN
http://www.us-cert.gov/cas/techalerts/TA10-012A.htmlthird-party-advisoryx_refsource_CERT
http://www.us-cert.gov/cas/techalerts/TA09-294A.htmlthird-party-advisoryx_refsource_CERT
http://www.ubuntu.com/usn/USN-890-1vendor-advisoryx_refsource_UBUNTU
http://marc.info/?l=bugtraq&m=125787273209737&w=2vendor-advisoryx_refsource_HP
http://www.vupen.com/english/advisories/2009/3316vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2011/0359vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2009/2543vdb-entryx_refsource_VUPEN
https://rhn.redhat.com/errata/RHSA-2009-1637.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2012-1232.htmlvendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2011-0858.htmlvendor-advisoryx_refsource_REDHAT
https://rhn.redhat.com/errata/RHSA-2009-1200.htmlvendor-advisoryx_refsource_REDHAT
https://rhn.redhat.com/errata/RHSA-2009-1201.htmlvendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2009-1615.htmlvendor-advisoryx_refsource_REDHAT
https://rhn.redhat.com/errata/RHSA-2009-1636.htmlvendor-advisoryx_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDVSA-2011:108vendor-advisoryx_refsource_MANDRIVA
https://rhn.redhat.com/errata/RHSA-2009-1199.htmlvendor-advisoryx_refsource_REDHAT
https://rhn.redhat.com/errata/RHSA-2009-1650.htmlvendor-advisoryx_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDVSA-2009:209vendor-advisoryx_refsource_MANDRIVA
http://rhn.redhat.com/errata/RHSA-2012-1537.htmlvendor-advisoryx_refsource_REDHAT
https://rhn.redhat.com/errata/RHSA-2009-1649.htmlvendor-advisoryx_refsource_REDHAT
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.486026vendor-advisoryx_refsource_SLACKWARE
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.htmlvendor-advisoryx_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.htmlvendor-advisoryx_refsource_FEDORA
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.htmlvendor-advisoryx_refsource_FEDORA
http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.htmlvendor-advisoryx_refsource_APPLE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9356vdb-entrysignaturex_refsource_OVAL
http://www.openwall.com/lists/oss-security/2009/09/06/1mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2009/10/22/9mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3Emailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2009/10/23/6mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2009/10/26/3mailing-listx_refsource_MLIST
http://www.securityfocus.com/archive/1/507985/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2009-2625

新漏洞

产品: n/a

厂商: n/a

四、漏洞 CVE-2009-2625 的评论

暂无评论

支持本站 — 捐款将帮助我们持续运营

一、漏洞 CVE-2009-2625 基础信息

漏洞信息

漏洞

漏洞信息

漏洞信息

漏洞

漏洞

漏洞信息

漏洞信息

漏洞

受影响产品

二、漏洞 CVE-2009-2625 的公开POC

三、漏洞 CVE-2009-2625 的情报信息

新漏洞

四、漏洞 CVE-2009-2625 的评论

发表评论

支持本站 — 捐款将帮助我们持续运营

一、 漏洞 CVE-2009-2625 基础信息

漏洞信息

漏洞

漏洞信息

漏洞信息

漏洞

漏洞

漏洞信息

漏洞信息

漏洞

受影响产品

二、漏洞 CVE-2009-2625 的公开POC

三、漏洞 CVE-2009-2625 的情报信息

新漏洞

四、漏洞 CVE-2009-2625 的评论

发表评论

一、漏洞 CVE-2009-2625 基础信息