16 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-5661
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. T...
RHEL 6 : fop (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - fop: XML external entity processing vulnerability CVE-2017-5661 Note that Nessus has not tested for this issue but...
RHEL 7 : fop (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - fop: XML external entity processing vulnerability CVE-2017-5661 Note that Nessus has not tested for this issue but...
Security Bulletin: Vulnerability found in fop-1.1.jar which is shipped with IBM® Intelligent Operations Center (CVE-2017-5661)
Summary: A vulnerability has been identified in fop-1.1.jar, which is shipped with IBM® Intelligent Operations Center. Information about this vulnerability affecting IBM® Intelligent Operations Center has been published and addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-5661...
openSUSE 15 Security Update : php7 (openSUSE-SU-2021:1130-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1130-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...
openSUSE 15 Security Update : php7 (openSUSE-SU-2021:2575-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:2575-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...
Security Bulletin: Security vulnerability in Apache FOP affects IBM® Rational® Quality Manager
Summary Security Vulnerability in Apache FOP shipped with IBM Rational Quality Manager was disclosed. IBM Rational Quality Manager has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2017-5661 DESCRIPTION: Apache FOP could allow a remote authenticated attacker to obtain sensitive...
[SECURITY] [DSA 3864-1] fop security update
Debian Security Advisory DSA-3864-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 27, 2017 https://www.debian.org/security/faq -...
[ASA-201705-19] fop: xml external entity injection
Arch Linux Security Advisory ASA-201705-19 Severity: Medium Date: 2017-05-21 CVE-ID: CVE-2017-5661 Package: fop Type: xml external entity injection Remote: Yes Link: https://security.archlinux.org/AVG-254 Summary: The package fop before...
[SECURITY] [DLA 927-1] fop security update
Package : fop Version : 1:1.0.dfsg2-6+deb7u1 CVE ID : CVE-2017-5661 Debian Bug : 860567 In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the use...
CVE-2017-5661
In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full...
Apache XML Graphics FOP 2.1 Information Disclosure Vulnerability
Exploit for multiple platform in category remote exploits CVE-2017-5661: Apache XML Graphics FOP information disclosure vulnerability Severity: Medium Vendor: The Apache Software Foundation Versions Affected: FOP 1.0 - 2.1 Description: Files lying on the filesystem of the server which uses batik...
CVE-2017-5661
In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full...
CVE-2017-5661
CVE-2017-5661 is described in connected IBM documentation as affecting IBM Intelligent Operations Center (IOC) with fop-1.1.jar. The root cause is an XML External Entity (XXE) processing vulnerability when handling SVG/XML, potentially allowing a remote attacker to obtain sensitive information; i...
CVE-2017-5661
In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full...
CVE-2017-5661
In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full...