Intrusion Prevention

Web.Service.SAX.Injection

Description

This indicates an attack attempt to exploit a SAX-injection vulnerability in Web Services which communicate through the use of SOAP requests.
The vulnerability is a result of the application's failure to properly sanitize user input before using it in web services. As a result, a remote attacker can send a crafted request to execute a function defined in the web service definition language (WSDL) file.

Affected Products

All web application environments are susceptible to SAX injection.

Impact

System compromise

Recommended Actions

The signature can be enabled to block this traffic.