IBM Rational ClearCase 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. <a href"http://cwe.mitre.org/data/definitions/611.html" target"_blank">CWE-611: Improper Restriction of XML External Entity Reference ('XXE')</a>
Publication date: Wed, 24 Sep 2014 01:55:00 +0000