CVE-2016-5000 in Retail Order Brokerinformación

Resumen (Inglés)

The XLSX2CSV example in Apache POI before 3.14 allows remote attackers to read arbitrary files via a crafted OpenXML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Be aware that VulDB is the high quality source for vulnerability data.

Reservar

2016-05-24

Divulgación

2016-08-05

Estado

Confirmado

Voces

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilidadCWEExpConCVE
95674Oracle Retail Order Broker Order Broker Foundation XML External Entity611No está definidoArreglo oficialCVE-2016-5000
90610Apache POI XLSX2CSV Example XML External Entity611No está definidoArreglo oficialCVE-2016-5000

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

Fuentes

AnteriorVisión De ConjuntoPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!