Intrusion Prevention

Apache.Santuario.XML.Java.Security.DTD.DoS

Description

This indicates an attack attempt to exploit a Denial of Service vulnerability in Apache Software Foundation Santuario XML Security for Java.
The vulnerability is due to an error in vulnerable module when validating signatures in a crafted XML file. A remote attacker may be able to exploit this to cause a denial of service condition on the affected system.

Affected Products

Apache Software Foundation Santuario XML Security for Java prior to 1.5.6

Impact

Denial of Service: Remote attackers can crash vulnerable systems or services

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://santuario.apache.org/secadv.data/cve-2013-4517.txt.asc

CVE References

CVE-2013-4517