Gregor Samsa: Exploiting Java's XML Signature Verification
Tags
| attack-pattern: | Data Impersonation - T1656 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 |
Common Information
| Type | Value |
|---|---|
| UUID | 57ab37c0-6e6e-4bd5-8725-26b9f02214db |
| Fingerprint | c39885628674f34 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 2, 2022, 4:41 a.m. |
| Added to db | Aug. 30, 2024, 11:46 p.m. |
| Last updated | Nov. 12, 2024, 2:01 a.m. |
| Headline | Project Zero |
| Title | Gregor Samsa: Exploiting Java's XML Signature Verification |
| Detected Hints/Tags/Attributes | 45/1/23 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 130 | ✔ | Project Zero | https://googleprojectzero.blogspot.com/feeds/posts/default | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 2 | cve-2022-34169 |
|
| Details | Domain | 1 | apachetransform.java |
|
| Details | Domain | 1 | domtransform.java |
|
| Details | Domain | 1 | domreference.java |
|
| Details | Domain | 1 | domxmlsignature.java |
|
| Details | Domain | 1 | transformerfactoryimpl.java |
|
| Details | Domain | 1 | functioncall.java |
|
| Details | File | 1 | java.xml |
|
| Details | File | 1 | crypto.xml |
|
| Details | File | 9 | internal.xsl |
|
| Details | File | 1 | templatesimpl.java |
|
| Details | File | 1 | transformerfactoryimpl.java |
|
| Details | File | 3 | apache.xml |
|
| Details | File | 1 | transformxslt.java |
|
| Details | File | 1 | transform.java |
|
| Details | File | 1 | jcp.xml |
|
| Details | File | 1 | apachetransform.java |
|
| Details | File | 1 | domtransform.java |
|
| Details | File | 1 | domreference.java |
|
| Details | File | 1 | domxmlsignature.java |
|
| Details | File | 1 | xalan.xsl |
|
| Details | File | 1 | functioncall.java |
|
| Details | File | 2 | jdk.xml |