CVE-2018-1000837

An attacker can exploit this vulnerability by providing a malicious plugins.xml file to UML Designer. This file can contain external entity references that the XML parser will process. The processing of these external entities can lead to the disclosure of confidential data, denial of service, server-side request forgery, or port scanning from the perspective of the machine running the parser [ref_id=1, ref_id=2].

The vulnerability exists in the `ProfileDiagramServices.java` file within the `org.obeonetwork.dsl.uml2.design` plugin. Specifically, the code responsible for parsing the `pluginXML` file using `DocumentBuilderFactory.newInstance()` and `builder.parse()` is affected [ref_id=1, ref_id=2].

The advisory recommends disabling external entity resolution in the XML parser to prevent XXE attacks. This can be achieved by setting specific features on the `DocumentBuilderFactory` before creating the `DocumentBuilder`. The patch does not show specific code changes, but the remediation guidance suggests configuring the factory to prevent external entity processing [ref_id=1, ref_id=2].