Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: General :: sb5943.htm

PeopleSoft PeopleTools XML External Entities vulnerability



23th Jan 2003 [SBWID-5943]
COMMAND

	PeopleSoft PeopleTools XML External Entities vulnerability

SYSTEMS AFFECTED

	 PeopleTools 8.1x prior to 8.19
	
	 PeopleTools 8.4x is not vulnerable

PROBLEM

	From an  "Internet  Security  Systems  Security  Brief"  we  learn  that
	Application Messaging Gateway is vulnerable  to  XML  External  Entities
	(XXE) attacks that permits remote file access.
	
	For the complete ISS X-Force Security Advisory, please visit:
	
	 http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21811
	

SOLUTION

	Update available


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH