Lucene search

K

RedhatCVELIST:CVE-2012-0037

HistoryJun 17, 2012 - 1:00 a.m.

CVE-2012-0037

2012-06-1701:00:00

redhat

www.cve.org

1

6.3 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.8%

Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.

References

blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/

librdf.org/raptor/RELEASE.html#rel2_0_7

lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html

lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html

rhn.redhat.com/errata/RHSA-2012-0410.html

rhn.redhat.com/errata/RHSA-2012-0411.html

secunia.com/advisories/48479

secunia.com/advisories/48493

secunia.com/advisories/48494

secunia.com/advisories/48526

secunia.com/advisories/48529

secunia.com/advisories/48542

secunia.com/advisories/48649

secunia.com/advisories/50692

secunia.com/advisories/60799

security.gentoo.org/glsa/glsa-201209-05.xml

vsecurity.com/resources/advisory/20120324-1/

www.debian.org/security/2012/dsa-2438

www.gentoo.org/security/en/glsa/glsa-201408-19.xml

www.libreoffice.org/advisories/CVE-2012-0037/

www.mandriva.com/security/advisories?name=MDVSA-2012:061

www.mandriva.com/security/advisories?name=MDVSA-2012:062

www.mandriva.com/security/advisories?name=MDVSA-2012:063

www.openoffice.org/security/cves/CVE-2012-0037.html

www.openwall.com/lists/oss-security/2012/03/27/4

www.osvdb.org/80307

www.securityfocus.com/bid/52681

www.securitytracker.com/id?1026837

exchange.xforce.ibmcloud.com/vulnerabilities/74235

github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0

lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E

6.3 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.8%

Related for CVELIST:CVE-2012-0037

redhat2 nessus29 openvas31 fedora4 securityvulns3 prion1 ubuntucve1 debian1 cve1 ubuntu2 veracode1 freebsd1 seebug1 centos2 rosalinux1 oraclelinux1 nvd1 gentoo2