Lucene search

K

ApacheCVELIST:CVE-2017-12626

HistoryJan 26, 2018 - 12:00 a.m.

CVE-2017-12626

2018-01-2600:00:00

apache

www.cve.org

2

8.5 High

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.6%

Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1) Infinite Loops while parsing crafted WMF, EMF, MSG and macros (POI bugs 61338 and 61294), and 2) Out of Memory Exceptions while parsing crafted DOC, PPT and XLS (POI bugs 52372 and 61295).

CNA Affected

[
  {
    "product": "Apache POI",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "< 3.17"
      }
    ]
  }
]

References

www.securityfocus.com/bid/102879

access.redhat.com/errata/RHSA-2018:1322

lists.apache.org/thread.html/453d9af5dbabaccd9afb58d27279a9dbfe8e35f4e5ea1645ddd6960b%40%3Cdev.poi.apache.org%3E

lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E

www.oracle.com/security-alerts/cpuapr2020.html

www.oracle.com/security-alerts/cpuApr2021.html

www.oracle.com/security-alerts/cpujan2020.html

www.oracle.com/security-alerts/cpujan2021.html

www.oracle.com/security-alerts/cpujul2020.html

www.oracle.com/security-alerts/cpuoct2020.html

www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

8.5 High

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.6%

Related for CVELIST:CVE-2017-12626

ibm23 github1 symantec1 osv2 fedora1 debiancve1 cve1 redhatcve1 veracode1 nvd1 ubuntucve1 prion1 nessus6 redhat1 oracle7