Denial Of Service (DoS)

🗓️ 29 Jan 2018 04:14:26Reported by Veracode Vulnerability DatabaseType

Apache poi vulnerable to DoS attacks when parsing various file type

Reporter	Title	Published	Views	Family All 62
Gitee	Exploit for Unrestricted Upload of File with Dangerous Type in Apache Tomcat	16 May 202116:14	–	gitee
Gitee	Exploit for Unrestricted Upload of File with Dangerous Type in Apache Tomcat	27 Apr 202114:33	–	gitee
Gitee	Exploit for Unrestricted Upload of File with Dangerous Type in Apache Tomcat	22 Oct 202115:45	–	gitee
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities Impact IBM Predictive Insights	8 Sep 202020:36	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities found in poi-3.9.jar, poi-scratchpad-3.9.jar which is shipped with IBM® Intelligent Operations Center(CVE-2017-12626, CVE-2014-9527)	5 Sep 202312:55	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities	13 Aug 202122:15	–	ibm
IBM Security Bulletins	Security Bulletin: Apache Poi as used by IBMQRadar SIEM is vulnerable to information disclosure (CVE-2019-12415, CVE-2017-12626)	21 Dec 202012:38	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities found in poi-3.9.jar which is shipped with IBM® Intelligent Operations Center [CVE-2017-12626 and X-Force ID: 220800]	7 Sep 202310:42	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect embedded rules in IBM Business Automation Workflow	11 Jan 202413:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Business Intelligence has addressed multiple vulnerabilties	19 Dec 201921:01	–	ibm

Vulners

Node

apache poiRange3.0-FINAL–3.17-beta1java

apache poiMatch3.2-final-20081019java

apache poi-scratchpadRange3.14–3.17-beta1java

apache poi-scratchpadRange3.0.1-FINAL–3.14-beta1java

Source	Link
mail-archives	www.mail-archives.us.apache.org/mod_mbox/www-announce/201801.mbox/%[email protected]%3E
securityfocus	www.securityfocus.com/bid/102879
github	www.github.com/apache/poi/commit/cd6236c74b55763a27e3e9b5f269c28bc9c98419
github	www.github.com/apache/poi/commit/df3910135fd9c442b4e746e4b156362fd2e8d755
github	www.github.com/apache/poi/commit/a07ed9e86474da98f204efadfd5b9327009a0d21
bz	www.bz.apache.org/bugzilla/show_bug.cgi
bz	www.bz.apache.org/bugzilla/show_bug.cgi
github	www.github.com/apache/poi/compare/d1a51f76f0786c1e1c515cab362550cebd525589...c7db66a30dfb6cbbd5812ff3ae4c90ed2d9b9a27
bz	www.bz.apache.org/bugzilla/show_bug.cgi
bz	www.bz.apache.org/bugzilla/show_bug.cgi

08 Nov 2023 01:14Current

8.1High risk

Vulners AI Score8.1

CVSS 25

CVSS 37.5

EPSS0.01114