Lucene search

K

PRIOn knowledge basePRION:CVE-2012-0037

HistoryJun 17, 2012 - 3:41 a.m.

Xxe

2012-06-1703:41:00

PRIOn knowledge base

www.prio-n.com

6

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

6.9 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

74.1%

Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.

CPENameOperatorVersion
openofficeeq3.3.0
openofficeeq3.4.0 beta
debian_linuxeq6.0
fedoraeq17
fedoraeq16
raptorlt2.0.7
libreofficeeq3.5.0
libreofficelt3.4.6
enterprise_linux_desktopeq6.0
enterprise_linux_desktopeq5.0

Rows per page:

1-10 of 191

References

blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/

librdf.org/raptor/RELEASE.html

rhn.redhat.com/errata/RHSA-2012-0410.html

rhn.redhat.com/errata/RHSA-2012-0411.html

secunia.com/advisories/48479

secunia.com/advisories/48493

secunia.com/advisories/48494

secunia.com/advisories/48526

secunia.com/advisories/48529

secunia.com/advisories/48542

secunia.com/advisories/48649

secunia.com/advisories/50692

secunia.com/advisories/60799

security.gentoo.org/glsa/glsa-201209-05.xml

vsecurity.com/resources/advisory/20120324-1/

www.debian.org/security/2012/dsa-2438

www.gentoo.org/security/en/glsa/glsa-201408-19.xml

www.libreoffice.org/advisories/CVE-2012-0037/

www.mandriva.com/security/advisories?name=MDVSA-2012:061

www.mandriva.com/security/advisories?name=MDVSA-2012:062

www.mandriva.com/security/advisories?name=MDVSA-2012:063

www.openoffice.org/security/cves/CVE-2012-0037.html

www.openwall.com/lists/oss-security/2012/03/27/4

www.osvdb.org/80307

www.securityfocus.com/bid/52681

www.securitytracker.com/id?1026837

exchange.xforce.ibmcloud.com/vulnerabilities/74235

github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0

lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E

lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html

lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

6.9 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

74.1%

Related for PRION:CVE-2012-0037

nessus28 openvas31 securityvulns3 debian1 cve1 redhat2 fedora4 cvelist1 ubuntucve1 veracode1 freebsd1 ubuntu2 seebug1 centos2 rosalinux1 oraclelinux1 gentoo2