CVE-2013-4002
Description
XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names.
Risk Information
Base Score
9.1
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
EPSS Score
Exploitation Probability
5.597
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2013-4002,CVE-2012-0881 are fixed in Apache-xercesImpl 2.12.0 | Windows |
| Multiple Vulnerabilities are affected in IBM Sterling B2B Integrator 5.1 | Windows |
| Multiple Vulnerabilities are affected in IBM Sterling B2B Integrator 5.2 | Windows |
| Multiple Vulnerabilities are affected in IBM Sterling B2B Integrator 5.2.4 | Windows |
| Multiple Vulnerabilities are affected in IBM Business Automation Workflow 20.0.0.2 | Windows |
| Multiple Vulnerabilities are affected in IBM Tivoli Application Dependency Discovery Manager 7.2.2 | Windows |
| Multiple Vulnerabilities are affected in IBM UrbanCode Deploy 7.0.3.0 | Windows |
| Multiple Vulnerabilities are affected in IBM UrbanCode Deploy 7.0.4.0 | Windows |
| Multiple Vulnerabilities are affected in IBM Business Automation Workflow 21.0.3.1 | Windows |
| Multiple Vulnerabilities are affected in IBM Business Automation Workflow 22.0.2 | Windows |
| Multiple Vulnerabilities are affected in IBM Operational Decision Manager 8.10 | Windows |
| Multiple Vulnerabilities are affected in IBM Operational Decision Manager 8.11 | Windows |
| Multiple Vulnerabilities are affected in IBM UrbanCode Deploy 6.2.7.3 | Windows |
| Multiple Vulnerabilities are affected in IBM UrbanCode Deploy 6.2.7.4 | Windows |
| Xerces-j2 security update (CESA-2014:1319) xerces-j2-2.7.1-12.7.el6_5.i686.rpm | Linux |
| Xerces-j2 security update (CESA-2014:1319) xerces-j2-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| Xerces-j2 security update (CESA-2014:1319) xerces-j2-demo-2.7.1-12.7.el6_5.i686.rpm | Linux |
| Xerces-j2 security update (CESA-2014:1319) xerces-j2-demo-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| Xerces-j2 security update (CESA-2014:1319) xerces-j2-javadoc-2.11.0-17.el7_0.noarch.rpm | Linux |
| Xerces-j2 security update (CESA-2014:1319) xerces-j2-scripts-2.7.1-12.7.el6_5.i686.rpm | Linux |
| Xerces-j2 security update (CESA-2014:1319) xerces-j2-scripts-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| Xerces-j2 security update (CESA-2014:1319) xerces-j2-javadoc-xni-2.7.1-12.7.el6_5.i686.rpm | Linux |
| Xerces-j2 security update (CESA-2014:1319) xerces-j2-javadoc-xni-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| Xerces-j2 security update (CESA-2014:1319) xerces-j2-javadoc-apis-2.7.1-12.7.el6_5.i686.rpm | Linux |
| Xerces-j2 security update (CESA-2014:1319) xerces-j2-javadoc-apis-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| Xerces-j2 security update (CESA-2014:1319) xerces-j2-javadoc-impl-2.7.1-12.7.el6_5.i686.rpm | Linux |
| Xerces-j2 security update (CESA-2014:1319) xerces-j2-javadoc-impl-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| Xerces-j2 security update (CESA-2014:1319) xerces-j2-javadoc-other-2.7.1-12.7.el6_5.i686.rpm | Linux |
| Xerces-j2 security update (CESA-2014:1319) xerces-j2-javadoc-other-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| (RHSA-2014:1319) Moderate: xerces-j2 security update xerces-j2-2.11.0-17.el7_0.noarch.rpm | Linux |
| (RHSA-2014:1319) Moderate: xerces-j2 security update xerces-j2-2.7.1-12.7.el6_5.i686.rpm | Linux |
| (RHSA-2014:1319) Moderate: xerces-j2 security update xerces-j2-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| (RHSA-2014:1319) Moderate: xerces-j2 security update xerces-j2-demo-2.11.0-17.el7_0.noarch.rpm | Linux |
| (RHSA-2014:1319) Moderate: xerces-j2 security update xerces-j2-demo-2.7.1-12.7.el6_5.i686.rpm | Linux |
| (RHSA-2014:1319) Moderate: xerces-j2 security update xerces-j2-demo-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| (RHSA-2014:1319) Moderate: xerces-j2 security update xerces-j2-javadoc-2.11.0-17.el7_0.noarch.rpm | Linux |
| (RHSA-2014:1319) Moderate: xerces-j2 security update xerces-j2-javadoc-apis-2.7.1-12.7.el6_5.i686.rpm | Linux |
| (RHSA-2014:1319) Moderate: xerces-j2 security update xerces-j2-javadoc-apis-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| (RHSA-2014:1319) Moderate: xerces-j2 security update xerces-j2-javadoc-impl-2.7.1-12.7.el6_5.i686.rpm | Linux |
| (RHSA-2014:1319) Moderate: xerces-j2 security update xerces-j2-javadoc-impl-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| (RHSA-2014:1319) Moderate: xerces-j2 security update xerces-j2-javadoc-other-2.7.1-12.7.el6_5.i686.rpm | Linux |
| (RHSA-2014:1319) Moderate: xerces-j2 security update xerces-j2-javadoc-other-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| (RHSA-2014:1319) Moderate: xerces-j2 security update xerces-j2-javadoc-xni-2.7.1-12.7.el6_5.i686.rpm | Linux |
| (RHSA-2014:1319) Moderate: xerces-j2 security update xerces-j2-javadoc-xni-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| (RHSA-2014:1319) Moderate: xerces-j2 security update xerces-j2-scripts-2.7.1-12.7.el6_5.i686.rpm | Linux |
| (RHSA-2014:1319) Moderate: xerces-j2 security update xerces-j2-scripts-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| Xerces-j2 update (ELSA-2014-1319) xerces-j2-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| Xerces-j2-demo update (ELSA-2014-1319) xerces-j2-demo-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| Xerces-j2-javadoc-apis update (ELSA-2014-1319) xerces-j2-javadoc-apis-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| Xerces-j2-javadoc-impl update (ELSA-2014-1319) xerces-j2-javadoc-impl-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| Xerces-j2-javadoc-other update (ELSA-2014-1319) xerces-j2-javadoc-other-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| Xerces-j2-javadoc-xni update (ELSA-2014-1319) xerces-j2-javadoc-xni-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| Xerces-j2-scripts update (ELSA-2014-1319) xerces-j2-scripts-2.7.1-12.7.el6_5.x86_64.rpm | Linux |
| Xerces-j2 update (ELSA-2014-1319) xerces-j2-2.7.1-12.7.el6_5.i686.rpm | Linux |
| Xerces-j2-demo update (ELSA-2014-1319) xerces-j2-demo-2.7.1-12.7.el6_5.i686.rpm | Linux |
| Xerces-j2-javadoc-apis update (ELSA-2014-1319) xerces-j2-javadoc-apis-2.7.1-12.7.el6_5.i686.rpm | Linux |
| Xerces-j2-javadoc-impl update (ELSA-2014-1319) xerces-j2-javadoc-impl-2.7.1-12.7.el6_5.i686.rpm | Linux |
| Xerces-j2-javadoc-other update (ELSA-2014-1319) xerces-j2-javadoc-other-2.7.1-12.7.el6_5.i686.rpm | Linux |
| Xerces-j2-javadoc-xni update (ELSA-2014-1319) xerces-j2-javadoc-xni-2.7.1-12.7.el6_5.i686.rpm | Linux |
| Xerces-j2-scripts update (ELSA-2014-1319) xerces-j2-scripts-2.7.1-12.7.el6_5.i686.rpm | Linux |
| Xerces-j2 update (ELSA-2014-1319) xerces-j2-2.11.0-17.el7_0.noarch.rpm | Linux |
| Xerces-j2-demo update (ELSA-2014-1319) xerces-j2-demo-2.11.0-17.el7_0.noarch.rpm | Linux |
| Xerces-j2-javadoc update (ELSA-2014-1319) xerces-j2-javadoc-2.11.0-17.el7_0.noarch.rpm | Linux |
| Vulnerabilities CVE-2013-4002,CVE-2012-0881 are fixed in Apache-xercesImpl for Linux 2.12.0 | Linux |
| CVE-2013-4002 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234