9 matches found
Security Bulletin: Multiple Vulnerabilities in IBM Application Performance Management
Summary Multiple vulnerabilities were addressed in IBM Application Performance Management 8.1.4.0 IF16 patch Vulnerability Details CVEID:CVE-2023-32342 DESCRIPTION: IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption...
Security Bulletin: Apache POI as used in IBM QRadar SIEM is vulnerable to various CVEs.
Summary Vulnerabilities affecting Apache Poi as used in IBM QRadar SIEM Vulnerability Details CVE-ID: CVE-2012-0213 Description: Apache POI is vulnerable to a denial of service, caused by the improper handling of memory when processing certain Channel Definition Format CDF/ Compound File Binary...
Security Bulletin: IBM Forms Experience Builder could be susceptible to Apache POI Vulnerabilities
Summary IBM Forms Experience Builder could be susceptible to allowing for a denial of service, cause by an error in Apache POI Libraries Vulnerability Details CVEID: CVE-2014-3574 DESCRIPTION: Apache POI is vulnerable to a denial of service, caused by an XML External Entity Injection XXE error wh...
Security Bulletin: IBM WebSphere Dashboard Framework is affected by a security vulnerability in Apache POI (CVE-2016-5000)
Summary Apache POI, which is bundled with IBM WebSphere Dashboard Framework, could allow a remote attacker to obtain sensitive information. Vulnerability Details IBM WebSphere Dashboard Framework WDF bundles a copy of Apache POI, which is used by the spreadsheet integration functionality. CVEID:...
CVE-2016-5000
The XLSX2CSV example in Apache POI before 3.14 allows remote attackers to read arbitrary files via a crafted OpenXML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...
CVE-2016-5000
The CVE-2016-5000 entry concerns the XLSX2CSV example in Apache POI. The root cause is an XML External Entity (XXE) vulnerability introduced when parsing OpenXML in the XLSX2CSV path, allowing a crafted document to cause an external-entity reference to read arbitrary files. Affected products/vers...
CVE-2016-5000
The XLSX2CSV example in Apache POI before 3.14 allows remote attackers to read arbitrary files via a crafted OpenXML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...
CVE-2016-5000
The XLSX2CSV example in Apache POI before 3.14 allows remote attackers to read arbitrary files via a crafted OpenXML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...
CVE-2016-5000
The XLSX2CSV example in Apache POI before 3.14 allows remote attackers to read arbitrary files via a crafted OpenXML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...