返回 CVE 浏览器

CVE-2010-2076

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0040%

EPSS Percentile31.06th

Published2010年8月19日

Last Modified2026年4月29日

Vulnerability Description

Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue to CVE-2010-1632.

Affected Platforms (CPE)

📦

Apache

Cxf

>= 2.0.6 and < 2.0.13

📦

Apache

Cxf

>= 2.1 and < 2.1.10

📦

Apache

Cxf

>= 2.2.0 and < 2.2.9

References & Advisories

🔗 http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html

🔗 http://geronimo.apache.org/21x-security-report.html

🔗 http://geronimo.apache.org/22x-security-report.html

🔗 http://secunia.com/advisories/40969

🔗 http://secunia.com/advisories/41016

🔗 http://secunia.com/advisories/41025

🔗 http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf

🔗 http://www.listware.net/201006/cxf-users/60160-important-apache-cxf-security-advisory-cve-2010-2076.html

相关漏洞威胁

CVE-2012-237910.0

Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPo...

CVE-2012-08039.8

The WS-SP UsernameToken policy in Apache CXF 2.4.5 and 2.5.1 allows remote attackers to bypass authentication by sending an empty ...

CVE-2019-124199.8

Apache CXF before 3.3.4 and 3.2.11 provides all of the components that are required to build a fully fledged OpenId Connect servic...

CVE-2016-44649.8

The application plugins in Apache CXF Fediz 1.2.x before 1.2.3 and 1.3.x before 1.3.1 do not match SAML AudienceRestriction values...