Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/10/14 5:58 a.m.34 views

Security Bulletin: IBM Daeja ViewONE Virtual 5.0.14 iFix 5 addresses CVE-2017-9096

Summary IBM Daeja ViewONE Virtual 5.0.14 iFix 5 released on October 3, 2024 addresses the vulnerable library iText reported under CVE-2017-9096 by removing it. Vulnerability Details CVEID:CVE-2017-9096 DESCRIPTION: iText PDF Library could allow a remote authenticated attacker to obtain sensitive...

8.8CVSS6AI score0.09946EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/10/21 12:0 a.m.128 views

Oracle Primavera Unifier (Oct 2020 CPU)

The 16.1-16.2, 17.7-17.12, 18.8, and 19.12 versions of Primavera Unifier installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2020 CPU advisory. - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering component: Platfor...

9.1CVSS6.5AI score0.98567EPSS
Exploits13References8
RedhatCVE
RedhatCVE
added 2017/11/14 8:49 a.m.62 views

CVE-2017-9096

The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not disable external entities, which might allow remote attackers to conduct XML external entity XXE attacks via a crafted PDF...

8.8CVSS6.1AI score0.09946EPSS
Exploits1References2
0day.today
0day.today
added 2017/11/09 12:0 a.m.715 views

iText PDF Library 7.0.2 / 5.5.11 / 2.0.8 XXE Injection Vulnerability

Exploit for java platform in category remote exploits Product: iText PDF Library Vendor: iText Group CVE ID: CVE-2017-9096 Subject: XML External Entity Attack XXE Risk: Medium Effect: Remotely exploitable Author: Benjamin Bruppacher Date: 2017-11-06 Introduction: ------------- iText is a software...

6.8CVSS0.2AI score0.09946EPSS
Exploits1
NVD
NVD
added 2017/11/08 4:29 p.m.28 views

CVE-2017-9096

The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not disable external entities, which might allow remote attackers to conduct XML external entity XXE attacks via a crafted PDF...

8.8CVSS8.5AI score0.09946EPSS
Exploits1References4
CVE
CVE
added 2017/11/08 4:0 p.m.317 views

CVE-2017-9096

The CVE-2017-9096 issue concerns the iText PDF library where XML parsers do not disable external entities, enabling XXE via crafted PDFs. Public docs identify the root cause as improper XML External Entity handling in iText before 5.5.12 and before 7.0.3, with IBM Bulletins noting fixes in IBM Da...

8.8CVSS8.3AI score0.09946EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder