23th Jan 2003 [SBWID-5943]
COMMAND
PeopleSoft PeopleTools XML External Entities vulnerability
SYSTEMS AFFECTED
PeopleTools 8.1x prior to 8.19
PeopleTools 8.4x is not vulnerable
PROBLEM
From an "Internet Security Systems Security Brief" we learn that
Application Messaging Gateway is vulnerable to XML External Entities
(XXE) attacks that permits remote file access.
For the complete ISS X-Force Security Advisory, please visit:
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21811
SOLUTION
Update available