14 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-3574
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache POI before 3.10.1 and 3.11.x before 3.11-beta2 allows remote attackers to cause a denial of service CPU consumption and crash via a crafted OOXML file, a...
Security Bulletin: Vulnerabilities found in poi-ooxml-3.9.jar which is shipped with IBM® Intelligent Operations Center(CVE-2017-5644, CVE-2019-12415, CVE-2014-3574, CVE-2014-3529)
Summary Multiple vulnerabilities have been identified in poi-ooxml-3.9.jar which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...
Security Bulletin: Atlas eDiscovery Process Management is affected by a vulnerable poi-ooxml-3.9.jar
Summary Atlas eDiscovery Process Management is affected by a vulnerable poi-ooxml-3.9.jar. Hence poi-ooxml-3.9.jar upgraded to poi-ooxml-4.0.jar to fix vulnerabilities. Vulnerability Details CVEID:CVE-2017-5644 DESCRIPTION: Apache POI is vulnerable to a denial of service, cause by an XML External...
org.apache.poi:poi-examples (=3.11-beta1), org.apache.poi:poi-excelant (=3.11-beta1) +2 more potentially affected by CVE-2014-3574 via org.apache.poi:poi (=3.11-beta1)
org.apache.poi:poi MAVEN version =3.11-beta1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.poi:poi and may be impacted: - org.apache.poi:poi-examples =3.11-beta1 - org.apache.poi:poi-excelant =3.11-beta1 - org.apache.poi:poi-ooxml...
be.thematchbox:AbstractRiver (>=1.0.1 <=1.1.0), br.com.starcode.trex:t-rex (=0.7.1) +319 more potentially affected by CVE-2014-3574 via org.apache.poi:poi (>=3.0-FINAL <=3.10-beta2)
org.apache.poi:poi MAVEN version =3.0-FINAL, =1.0.1, =1.0.4, =5.0.1.1, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.6.4 and more Source cves: CVE-2014-3574 Source advisory: OSV:GHSA-5WFP-8643-C58X...
Security Bulletin: Apache POI as used in IBM QRadar SIEM is vulnerable to various CVEs.
Summary Vulnerabilities affecting Apache Poi as used in IBM QRadar SIEM Vulnerability Details CVE-ID: CVE-2012-0213 Description: Apache POI is vulnerable to a denial of service, caused by the improper handling of memory when processing certain Channel Definition Format CDF/ Compound File Binary...
Security Bulletin: IBM Forms Experience Builder could be susceptible to Apache POI Vulnerabilities
Summary IBM Forms Experience Builder could be susceptible to allowing for a denial of service, cause by an error in Apache POI Libraries Vulnerability Details CVEID: CVE-2014-3574 DESCRIPTION: Apache POI is vulnerable to a denial of service, caused by an XML External Entity Injection XXE error wh...
Fedora Update for apache-poi FEDORA-2015-2087
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated apache-poi packages fix security vulnerabilities
Updated apache-poi packages fix security vulnerabilities: It was found that Apache POI would resolve entities in OOXML documents. A remote attacker able to supply OOXML documents that are parsed by Apache POI could use this flaw to read files accessible to the user running the application server,...
Moderate: Red Hat Security Advisory: Apache POI security update
An update for the Apache POI component that fixes two security issues is now available from the Red Hat Customer Portal for Red Hat JBoss BPM Suite 6.0.3. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which...
Fedora 21 : apache-poi-3.10.1-1.fc21 (2014-10171)
Update to 3.10.1 Bug 1138135: CVE-2014-3574 CVE-2014-3529 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Fedora 20 : apache-poi-3.10.1-1.fc20 (2014-10322)
Update to 3.10.1 - Security fix for CVE-2014-3529, CVE-2014-3574 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing addition...
CVE-2014-3574
Apache POI before 3.10.1 and 3.11.x before 3.11-beta2 allows remote attackers to cause a denial of service CPU consumption and crash via a crafted OOXML file, aka an XML Entity Expansion XEE attack...
CVE-2014-3574
Apache POI is affected by CVE-2014-3574. Affected versions: POI before 3.10.1 and 3.11.x before 3.11-beta2. Root cause: XML Entity Expansion (XEE) in OOXML processing. Impact: remote attacker can cause a denial of service via crafted OOXML files (CPU consumption and crash). Remediation: upgrade t...