Release DateSep 15, 2009 |
Severitymedium |
ImpactSystem compromise |
DescriptionThis indicates an attack attempt to exploit a SAX-injection vulnerability in Web Services which communicate through the use of SOAP requests.The vulnerability is a result of the application's failure to properly sanitize user input before using it in web services. As a result, a remote attacker can send a crafted request to execute a function defined in the web service definition language (WSDL) file. |
Affected ProductsAll web application environments are susceptible to SAX injection. |
Recommended ActionsThe signature can be enabled to block this traffic. |
Coverage IPS
VCM |
