You are viewing a plain text version of this content. The canonical link for it is here.

Posted to rampart-dev@ws.apache.org by Andreas Veithen <an...@gmail.com> on 2010/06/13 23:57:56 UTC

[Important] Axis2 security advisory CVE-2010-1632

The Axis2 team recently discovered a security issue that may allow an
attacker to carry out denial of service attacks and to read arbitrary
files on the file system of the node where Axis2 runs. Details of the
vulnerability are described in the following advisory:

https://svn.apache.org/repos/asf/axis/axis2/java/core/security/CVE-2010-1632.pdf

This vulnerability may potentially be exploited on any Axis2
installation that receives XML messages from untrusted sources. We
strongly recommend to all users who manage this type of installation
to follow the instructions in the above advisory in order to mitigate
the security risk caused by this vulnerability.

-- The Axis2 team

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org