Unrated severityNVD Advisory· Published Apr 25, 2013· Updated Jun 16, 2026
CVE-2013-1915
CVE-2013-1915
Description
ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
- Range: <2.7.3
Patches
Vulnerability mechanics
References
15- www.openwall.com/lists/oss-security/2013/04/03/7nvdMailing ListPatchThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- github.com/SpiderLabs/ModSecurity/commit/d4d80b38aa85eccb26e3c61b04d16e8ca5de76fenvdPatchThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2013-April/101898.htmlnvdThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2013-April/101911.htmlnvdThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2013-April/102616.htmlnvdThird Party Advisory
- lists.opensuse.org/opensuse-updates/2013-08/msg00020.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2013-08/msg00025.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2013-08/msg00031.htmlnvdMailing ListThird Party Advisory
- secunia.com/advisories/52847nvdThird Party Advisory
- secunia.com/advisories/52977nvdThird Party Advisory
- www.debian.org/security/2013/dsa-2659nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.securityfocus.com/bid/58810nvdThird Party AdvisoryVDB Entry
- github.com/SpiderLabs/ModSecurity/blob/master/CHANGESnvdRelease NotesThird Party Advisory
News mentions
0No linked articles in our index yet.