CVE-2012-4063 in Ubuntu

CVE-2012-4063

Priority

Medium

Description

The Apache Santuario configuration in Eucalyptus before 3.1.1 does not
properly restrict applying XML Signature transforms to documents, which
allows remote attackers to cause a denial of service via unspecified
vectors.

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4063
http://www.eucalyptus.com/eucalyptus-cloud/security/esa-05

Package

Source: eucalyptus (LP Ubuntu Debian)

Upstream:	released (3.1.1)
Ubuntu 8.04 LTS (Hardy Heron):	DNE
Ubuntu 10.04 LTS (Lucid Lynx):	needs-triage
Ubuntu 11.10 (Oneiric Ocelot):	ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):	needed
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2013-05-09 15:16:52 UTC (commit 6824)