Lucene search

PRIOn knowledge basePRION:CVE-2014-3529

HistorySep 04, 2014 - 5:55 p.m.

Xxe

2014-09-0417:55:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

52.8%

JSON

The OPC SAX setup in Apache POI before 3.10.1 allows remote attackers to read arbitrary files via an OpenXML file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

CPENameOperatorVersion
poieq2.5
poieq0.2
poieq3.7 beta3
poieq3.0.2 beta2
poieq3.0.1
poieq3.5
poieq1.10 dev
poieq3.10 beta1
poieq1.0.2
poieq2.0 pre3

Name	Operator	Version
poi	eq	2.5
poi	eq	0.2
poi	eq	3.7 beta3
poi	eq	3.0.2 beta2
poi	eq	3.0.1
poi	eq	3.5
poi	eq	1.10 dev
poi	eq	3.10 beta1
poi	eq	1.0.2
poi	eq	2.0 pre3

Rows per page:

1-10 of 641

References

poi.apache.org/changes.html

rhn.redhat.com/errata/RHSA-2014-1370.html

rhn.redhat.com/errata/RHSA-2014-1398.html

rhn.redhat.com/errata/RHSA-2014-1399.html

rhn.redhat.com/errata/RHSA-2014-1400.html

secunia.com/advisories/59943

secunia.com/advisories/60419

secunia.com/advisories/61766

www-01.ibm.com/support/docview.wss?uid=swg21996759

www.apache.org/dist/poi/release/RELEASE-NOTES.txt

www.securityfocus.com/bid/69647

www.securityfocus.com/bid/78018

exchange.xforce.ibmcloud.com/vulnerabilities/95770

lucene.apache.org/solr/solrnews.html