CVE-2008-0628
Priority
Low
Description
The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3
and earlier processes external entity references even when the "external
general entities" property is false, which allows remote attackers to
conduct XML external entity (XXE) attacks and cause a denial of service or
access restricted resources.
and earlier processes external entity references even when the "external
general entities" property is false, which allows remote attackers to
conduct XML external entity (XXE) attacks and cause a denial of service or
access restricted resources.
Package
| Upstream: | not-affected |
| Ubuntu 8.04 LTS (Hardy Heron): | not-affected |
Package
| Upstream: | needed |
| Ubuntu 8.04 LTS (Hardy Heron): | released (6-04-1) |