Poi@0.5 Security Vulnerabilities and Issues — Poi@0.5 CVE List

Lucene search

ApachePoi0.5

3 matches found

CVE•added 2012/08/07 9:55 p.m.•80 views

CVE-2012-0213

The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format (CDF) or Compound ...

5CVSS5.5AI score0.13063EPSS

CVE•added 2014/09/04 5:55 p.m.•78 views

CVE-2014-3574

Apache POI before 3.10.1 and 3.11.x before 3.11-beta2 allows remote attackers to cause a denial of service (CPU consumption and crash) via a crafted OOXML file, aka an XML Entity Expansion (XEE) attack.

4.3CVSS6.7AI score0.11114EPSS

CVE•added 2014/09/04 5:55 p.m.•77 views

CVE-2014-3529

The OPC SAX setup in Apache POI before 3.10.1 allows remote attackers to read arbitrary files via an OpenXML file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

4.3CVSS7.1AI score0.04546EPSS