JIRA and Gliffy and Tempo Plugins Denial of Service Vulnerability

vendor:

JIRA, Gliffy and Tempo plugins

by:

SecurityFocus

7,5

CVSS

HIGH

Denial of Service

400

CWE

Product Name: JIRA, Gliffy and Tempo plugins

Affected Version From: JIRA 5.0.1, Gliffy 3.7.1, Tempo versions 6.4.3.1, 6.5.1, and 7.0.3

Affected Version To: N/A

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2012

JIRA and Gliffy and Tempo Plugins Denial of Service Vulnerability

JIRA, and the Gliffy and Tempo plugins for JIRA are prone to a denial-of-service vulnerability because they fail to properly handle crafted XML data. Exploiting this issue allows remote attackers to cause denial-of-service conditions in the context of an affected application.

Mitigation:

Upgrade to the latest version of JIRA, Gliffy and Tempo plugins.

Source

JIRA and Gliffy and Tempo Plugins Denial of Service Vulnerability

Mitigation:

Exploit-DB raw data: