SUPPORT / SAMPLES & SAS NOTES
Problem Note 56560: SAS® Content Server is vulnerable to an XML external entity exploitation (CVE-2015-1833)
 |  |  |  |  |
Severity: Medium
Description: SAS Content Server is vulnerable to an XML external entity exploitation, as described in the Vulnerability Summary for CVE-2015-1833.
Potential Impact: An attacker might gain unauthorized access to files.
Click the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
| Product Family | Product | System | SAS Release | |
| Reported | Fixed* | |||
| SAS System | SAS Content Server | Microsoft® Windows® for x64 | 9.3 TS1M0 | 9.4 TS1M4 |
| Microsoft Windows Server 2003 Datacenter Edition | 9.3 TS1M0 | |||
| Microsoft Windows Server 2003 Enterprise Edition | 9.3 TS1M0 | |||
| Microsoft Windows Server 2003 Standard Edition | 9.3 TS1M0 | |||
| Microsoft Windows Server 2003 for x64 | 9.3 TS1M0 | |||
| Microsoft Windows Server 2008 | 9.3 TS1M0 | 9.4 TS1M4 | ||
| Microsoft Windows Server 2008 R2 | 9.3 TS1M0 | 9.4 TS1M4 | ||
| Microsoft Windows Server 2008 for x64 | 9.3 TS1M0 | 9.4 TS1M4 | ||
| Microsoft Windows XP Professional | 9.3 TS1M0 | |||
| Windows 7 Enterprise 32 bit | 9.3 TS1M0 | 9.4 TS1M4 | ||
| Windows 7 Enterprise x64 | 9.3 TS1M0 | 9.4 TS1M4 | ||
| Windows 7 Home Premium 32 bit | 9.3 TS1M0 | 9.4 TS1M4 | ||
| Windows 7 Home Premium x64 | 9.3 TS1M0 | 9.4 TS1M4 | ||
| Windows 7 Professional 32 bit | 9.3 TS1M0 | 9.4 TS1M4 | ||
| Windows 7 Professional x64 | 9.3 TS1M0 | 9.4 TS1M4 | ||
| Windows 7 Ultimate 32 bit | 9.3 TS1M0 | 9.4 TS1M4 | ||
| Windows 7 Ultimate x64 | 9.3 TS1M0 | 9.4 TS1M4 | ||
| Windows Vista | 9.3 TS1M0 | |||
| Windows Vista for x64 | 9.3 TS1M0 | |||
| Linux | 9.3 TS1M0 | 9.4 TS1M4 | ||
| Linux for x64 | 9.3 TS1M0 | 9.4 TS1M4 | ||