There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and the previous versions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache xerces-j |
||
oracle ilearning 6.2 |
||
oracle flexcube universal banking 12.4.0 |
||
oracle weblogic server 12.2.1.3.0 |
||
oracle agile plm 9.3.6 |
||
oracle weblogic server 12.2.1.4.0 |
||
oracle peoplesoft enterprise peopletools 8.58 |
||
oracle weblogic server 14.1.1.0.0 |
||
oracle retail bulk data integration 16.0.3.0 |
||
oracle retail merchandising system 16.0.3 |
||
oracle global lifecycle management nextgen oui framework 13.9.4.2.2 |
||
oracle agile engineering data management 6.2.1.0 |
||
oracle retail service backbone 16.0.3 |
||
oracle retail financial integration 16.0.3 |
||
oracle retail integration bus 16.0.3 |
||
oracle peoplesoft enterprise peopletools 8.59 |
||
oracle retail service backbone 15.0.3.1 |
||
oracle retail service backbone 14.1.3.2 |
||
oracle financial services enterprise case management 8.0.7.2.0 |
||
oracle banking party management 2.7.0 |
||
oracle retail merchandising system 19.0.1 |
||
oracle retail integration bus 14.1.3.2 |
||
oracle retail financial integration 14.1.3.2 |
||
oracle retail extract transform and load 13.2.8 |
||
oracle retail integration bus 15.0.3.1 |
||
oracle retail financial integration 15.0.3.1 |
||
oracle communications asap 7.3 |
||
oracle ilearning 6.3 |
||
oracle retail service backbone 19.0.1 |
||
oracle retail integration bus 19.0.1 |
||
oracle retail financial integration 19.0.1 |
||
oracle product lifecycle analytics 3.6.1 |
||
oracle financial services enterprise case management 8.0.8.1 |
||
oracle financial services enterprise case management 8.1.1.0 |
||
oracle financial services enterprise case management 8.1.1.1 |
||
oracle financial services behavior detection platform 8.1.2.0 |
||
oracle financial services behavior detection platform 8.1.1.1 |
||
oracle financial services behavior detection platform 8.1.1.0 |
||
oracle financial services enterprise case management 8.0.7.1 |
||
oracle financial services enterprise case management 8.0.8.0 |
||
oracle communications element manager |
||
oracle financial services analytical applications infrastructure |
||
oracle communications session report manager |
||
oracle financial services behavior detection platform |
||
oracle communications session route manager |
||
oracle financial services crime and compliance management studio 8.0.8.2.0 |
||
oracle financial services crime and compliance management studio 8.0.8.3.0 |
||
oracle global lifecycle management nextgen oui framework |
||
oracle primavera gateway |
||
oracle global lifecycle management opatch |
||
oracle health sciences information manager |
||
oracle health sciences information manager 3.0.0.1 |
||
oracle banking deposits and lines of credit servicing 2.7 |
||
netapp active iq unified manager - |