CVE-2014-9527 – apache-poi: denial of service in HSLFSlideShow via corrupted PPT file
https://notcve.org/view.php?id=CVE-2014-9527
HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cause a denial of service (infinite loop and deadlock) via a crafted PPT file. HSLFSlideShow en Apache POI anterior a 3.11 permite a atacantes remotos causar una denegación de servicio (bucle infinito y bloqueo) a través de un fichero PPT manipulado. A denial of service flaw was found in the way the HSLFSlideShow class implementation in Apache POI handled certain PPT files. A remote attacker could submit a specially crafted PPT file that would cause Apache POI to hang indefinitely. • http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150228.html http://poi.apache.org/changes.html http://secunia.com/advisories/61953 http://www-01.ibm.com/support/docview.wss?uid=swg21996759 http://www.securityfocus.com/bid/77726 https://access.redhat.com/errata/RHSA-2016:1135 https://issues.apache.org/bugzilla/show_bug.cgi?id=57272 https://access.redhat.com/security/cve/CVE-2014-9527 https://bugzilla.redhat.com/show_bug.cgi?id=1181223 • CWE-20: Improper Input Validation CWE-399: Resource Management Errors •
CVE-2014-3574 – apache-poi: entity expansion (billion laughs) flaw
https://notcve.org/view.php?id=CVE-2014-3574
Apache POI before 3.10.1 and 3.11.x before 3.11-beta2 allows remote attackers to cause a denial of service (CPU consumption and crash) via a crafted OOXML file, aka an XML Entity Expansion (XEE) attack. Apache POI anterior a 3.10.1 y 3.11.x anterior a 3.11-beta2 permite a atacantes remotos causar una denegación de servicio (consumo de CPU y caída) a través de un fichero OOXML manipulado, también conocido como un ataque de expansión de entidad XML (XEE). It was found that Apache POI would expand an unlimited number of entities in OOXML documents. A remote attacker able to supply OOXML documents that are parsed by Apache POI could use this flaw to trigger a denial of service attack via excessive CPU and memory consumption. • http://poi.apache.org/changes.html http://rhn.redhat.com/errata/RHSA-2014-1370.html http://rhn.redhat.com/errata/RHSA-2014-1398.html http://rhn.redhat.com/errata/RHSA-2014-1399.html http://rhn.redhat.com/errata/RHSA-2014-1400.html http://secunia.com/advisories/59943 http://secunia.com/advisories/60419 http://secunia.com/advisories/61766 http://www-01.ibm.com/support/docview.wss?uid=swg21996759 http://www.apache.org/dist/poi/release/RELEASE-NOTES.txt http:/ •
CVE-2014-3529 – apache-poi: XML eXternal Entity (XXE) flaw
https://notcve.org/view.php?id=CVE-2014-3529
The OPC SAX setup in Apache POI before 3.10.1 allows remote attackers to read arbitrary files via an OpenXML file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. La configuración de OPC SAX en Apache POI anterior a 3.10.1 permite a atacantes remotos leer ficheros arbitrarios a través de un fichero OpenXML que contiene una declaración de entidad externa XML en conjunto con una referencia de entidad, relacionado con un problema de entidad externa XML (XXE). It was found that Apache POI would resolve entities in OOXML documents. A remote attacker able to supply OOXML documents that are parsed by Apache POI could use this flaw to read files accessible to the user running the application server, and potentially perform more advanced XML External Entity (XXE) attacks. • http://poi.apache.org/changes.html http://rhn.redhat.com/errata/RHSA-2014-1370.html http://rhn.redhat.com/errata/RHSA-2014-1398.html http://rhn.redhat.com/errata/RHSA-2014-1399.html http://rhn.redhat.com/errata/RHSA-2014-1400.html http://secunia.com/advisories/59943 http://secunia.com/advisories/60419 http://secunia.com/advisories/61766 http://www-01.ibm.com/support/docview.wss?uid=swg21996759 http://www.apache.org/dist/poi/release/RELEASE-NOTES.txt http:/ •
CVE-2012-0213 – jakarta: JVM destabilization due to memory exhaustion when processing CDF/CFBF files
https://notcve.org/view.php?id=CVE-2012-0213
The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format (CDF) or Compound File Binary Format (CFBF) document. La función UnhandledDataStructure en hwpf/model/UnhandledDataStructure.java en Apache POI v3.8 y anteriores permite a atacantes remotos earlier provocar una denegación de servicio (excepción OutOfMemoryError y posiblemente desestabilización JVM) mediante un valor de longitud manipulado en un Channel Definition Format (CDF) o en un documento Compound File Binary Format (CFBF). • http://lists.fedoraproject.org/pipermail/package-announce/2012-August/084609.html http://rhn.redhat.com/errata/RHSA-2012-1232.html http://secunia.com/advisories/49040 http://secunia.com/advisories/50549 http://www-01.ibm.com/support/docview.wss?uid=swg21996759 http://www.debian.org/security/2012/dsa-2468 http://www.mandriva.com/security/advisories?name=MDVSA-2013:094 http://www.securityfocus.com/bid/53487 https://bugzilla.redhat.com/show_bug.cgi?id=799078 https://wiki.mageia& • CWE-399: Resource Management Errors •