Lucene search
+L

216 matches found

OSV
OSV
added 2016/09/01 11:59 p.m.5 views

CVE-2016-4264

The Office Open XML OOXML feature in Adobe ColdFusion 10 before Update 21 and 11 before Update 10 allows remote attackers to read arbitrary files or send TCP requests to intranet servers via a crafted OOXML spreadsheet containing an external entity declaration in conjunction with an entity...

8.6CVSS5.8AI score0.69044EPSS
Exploits7References6
CVE
CVE
added 2016/09/01 11:0 p.m.88 views

CVE-2016-4264

CVE-2016-4264 affects Adobe ColdFusion 10 (before Update 21) and 11 (before Update 10). The OOXML feature parser is vulnerable to XML External Entity (XXE) processing via a crafted OOXML spreadsheet containing an external entity declaration and an entity reference, enabling reading of arbitrary f...

8.6CVSS8.2AI score0.69044EPSS
Exploits7References6Affected Software1
RedHat Linux
RedHat Linux
added 2015/05/14 3:14 p.m.6 views

apache-poi: entity expansion (billion laughs) flaw

It was found that Apache POI would expand an unlimited number of entities in OOXML documents. A remote attacker able to supply OOXML documents that are parsed by Apache POI could use this flaw to trigger a denial of service attack via excessive CPU and memory consumption...

4.3CVSS7.3AI score0.07395EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/10/13 4:41 p.m.5 views

apache-poi: entity expansion (billion laughs) flaw

It was found that Apache POI would expand an unlimited number of entities in OOXML documents. A remote attacker able to supply OOXML documents that are parsed by Apache POI could use this flaw to trigger a denial of service attack via excessive CPU and memory consumption...

4.3CVSS6.7AI score0.07395EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/10/13 4:41 p.m.6 views

apache-poi: entity expansion (billion laughs) flaw

It was found that Apache POI would expand an unlimited number of entities in OOXML documents. A remote attacker able to supply OOXML documents that are parsed by Apache POI could use this flaw to trigger a denial of service attack via excessive CPU and memory consumption...

4.3CVSS6.7AI score0.07395EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/10/13 4:41 p.m.6 views

apache-poi: XML eXternal Entity (XXE) flaw

It was found that Apache POI would resolve entities in OOXML documents. A remote attacker able to supply OOXML documents that are parsed by Apache POI could use this flaw to read files accessible to the user running the application server, and potentially perform more advanced XML External Entity...

4.3CVSS6.7AI score0.13258EPSS
Exploits0References4
OSV
OSV
added 2014/09/04 5:55 p.m.2 views

DEBIAN-CVE-2014-3574

Apache POI before 3.10.1 and 3.11.x before 3.11-beta2 allows remote attackers to cause a denial of service CPU consumption and crash via a crafted OOXML file, aka an XML Entity Expansion XEE attack...

4.3CVSS6.8AI score0.07395EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.37 views

openSUSE Security Update : libreoffice (openSUSE-SU-2012:1686-1)

LibreOffice was updated to 3.5.4.13 3.5.6rc2 based, fixing a security issue and lots of bugs : - NULL pointer dereference bnc778669, CVE-2012-4233 - bullet-color-pptx-import.diff: bullets should have same color as following text by default; missing part of the fix bnc734733 - update to...

4.3CVSS8.2AI score0.03482EPSS
Exploits0References25
OSV
OSV
added 2013/07/31 1:20 p.m.2 views

DEBIAN-CVE-2013-4156

Apache OpenOffice.org OOo before 4.0 allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a crafted element in an OOXML document file...

6.8CVSS7.1AI score0.03958EPSS
Exploits1References1
OSV
OSV
added 2013/07/31 1:20 p.m.3 views

UBUNTU-CVE-2013-4156

Apache OpenOffice.org OOo before 4.0 allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a crafted element in an OOXML document file...

6.8CVSS5.9AI score0.03958EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2012/10/18 12:0 a.m.5 views

VulnCheck KEV: CVE-2009-0561

Integer overflow in Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; Microsoft...

9.3CVSS5.8AI score0.36897EPSS
Exploits1References1
Fedora
Fedora
added 2012/08/03 11:28 a.m.30 views

[SECURITY] Fedora 17 Update: apache-poi-3.8-2.fc17

The Apache POI Project's mission is to create and maintain Java APIs for manipulating various file formats based upon the Office Open XML standards OOXML and Microsoft's OLE 2 Compound Document format OLE2. In short, you can read and write MS Excel files using Java. In addition, you can read and...

5CVSS0.2AI score0.07503EPSS
Exploits0
OpenVAS
OpenVAS
added 2012/05/22 12:0 a.m.29 views

Fedora Update for apache-poi FEDORA-2012-7683

Check for the Version of apache-poi OpenVAS Vulnerability Test Fedora Update for apache-poi FEDORA-2012-7683 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

5CVSS5.9AI score0.07503EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2012/05/22 12:0 a.m.25 views

Fedora Update for apache-poi FEDORA-2012-7686

Check for the Version of apache-poi OpenVAS Vulnerability Test Fedora Update for apache-poi FEDORA-2012-7686 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

5CVSS5.9AI score0.07503EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2012/01/01 12:0 a.m.4 views

VulnCheck KEV: CVE-2011-1269

Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 make unspecified function calls during file parsing without proper handling of memory,...

9.3CVSS5.8AI score0.14883EPSS
Exploits1References1
Prion
Prion
added 2011/09/15 12:26 p.m.25 views

Heap overflow

Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly parse records in Excel spreadsheets, which...

9.3CVSS8AI score0.18609EPSS
Exploits1References3Affected Software3
Prion
Prion
added 2011/09/15 12:26 p.m.22 views

Design/Logic Flaw

Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats...

9.3CVSS8AI score0.21135EPSS
Exploits0References3Affected Software5
CVE
CVE
added 2011/09/15 10:0 a.m.160 views

CVE-2011-1988

Microsoft Excel heap memory corruption vulnerability (MS11-072) tied to parsing BIFF2 records in Excel files can allow remote code execution. Affected products include Excel 2003 SP3, 2007 SP2, Office 2007 SP2, Office for Mac variants, Open XML Converter for Mac, Excel Viewer SP2, and related Mac...

9.3CVSS7.4AI score0.18609EPSS
Exploits1References3Affected Software5
seebug.org
seebug.org
added 2011/09/15 12:0 a.m.45 views

Microsoft Excel畸形记录远程代码执行漏洞(MS11-072)

BUGTRAQ ID: 49478 CVECAN ID: CVE-2011-1988 Microsoft Excel是由Microsoft为Windows和Apple Macintosh操作系统的电脑而编写和运行的一款试算表软件。 Microsoft Excel在处理畸形记录时存在远程代码执行漏洞,远程攻击者可利用此漏洞以当前用户权限执行任意代码。 Excel解析电子表格文件中的特制记录时,其中的特定值可触发内存破坏漏洞。 Microsoft Excel 2010 Microsoft Excel 2007 Microsoft Excel 2003 Microsoft Office...

9.3CVSS6.9AI score0.18609EPSS
Exploits1
seebug.org
seebug.org
added 2011/09/15 12:0 a.m.42 views

Microsoft Excel数组索引远程代码执行漏洞(MS11-072)

BUGTRAQ ID: 49477 CVECAN ID: CVE-2011-1987 Microsoft Excel是由Microsoft为Windows和Apple Macintosh操作系统的电脑而编写和运行的一款试算表软件。 Microsoft Excel在处理特制Excel文件时存在远程代码执行漏洞,远程攻击者可利用此漏洞以当前用户权限执行任意代码,可能造成拒绝服务。...

9.3CVSS6.9AI score0.20486EPSS
Exploits1
Rows per page
Query Builder