CVE-2012-0213
Vulnerability from cvelistv5
Published
2012-08-07 21:00
Modified
2024-08-06 18:16
Severity ?
Summary
The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format (CDF) or Compound File Binary Format (CFBF) document.
References
security@debian.orghttp://lists.fedoraproject.org/pipermail/package-announce/2012-August/084609.html
security@debian.orghttp://rhn.redhat.com/errata/RHSA-2012-1232.html
security@debian.orghttp://secunia.com/advisories/49040Vendor Advisory
security@debian.orghttp://secunia.com/advisories/50549
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21996759
security@debian.orghttp://www.debian.org/security/2012/dsa-2468
security@debian.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2013:094
security@debian.orghttp://www.securityfocus.com/bid/53487
security@debian.orghttps://bugzilla.redhat.com/show_bug.cgi?id=799078
security@debian.orghttps://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0044
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2012-August/084609.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2012-1232.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/49040Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/50549
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21996759
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2012/dsa-2468
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2013:094
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/53487
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=799078
af854a3a-2127-422b-91ae-364da2661108https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0044
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:16:19.382Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21996759"
          },
          {
            "name": "49040",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49040"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0044"
          },
          {
            "name": "DSA-2468",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2468"
          },
          {
            "name": "50549",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/50549"
          },
          {
            "name": "FEDORA-2012-10835",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-August/084609.html"
          },
          {
            "name": "53487",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/53487"
          },
          {
            "name": "RHSA-2012:1232",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1232.html"
          },
          {
            "name": "MDVSA-2013:094",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:094"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=799078"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-05-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format (CDF) or Compound File Binary Format (CFBF) document."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-02-10T21:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21996759"
        },
        {
          "name": "49040",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49040"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0044"
        },
        {
          "name": "DSA-2468",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2468"
        },
        {
          "name": "50549",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/50549"
        },
        {
          "name": "FEDORA-2012-10835",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-August/084609.html"
        },
        {
          "name": "53487",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/53487"
        },
        {
          "name": "RHSA-2012:1232",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1232.html"
        },
        {
          "name": "MDVSA-2013:094",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:094"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=799078"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2012-0213",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format (CDF) or Compound File Binary Format (CFBF) document."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21996759",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21996759"
            },
            {
              "name": "49040",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49040"
            },
            {
              "name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0044",
              "refsource": "CONFIRM",
              "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0044"
            },
            {
              "name": "DSA-2468",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2468"
            },
            {
              "name": "50549",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/50549"
            },
            {
              "name": "FEDORA-2012-10835",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-August/084609.html"
            },
            {
              "name": "53487",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/53487"
            },
            {
              "name": "RHSA-2012:1232",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1232.html"
            },
            {
              "name": "MDVSA-2013:094",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:094"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=799078",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=799078"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2012-0213",
    "datePublished": "2012-08-07T21:00:00",
    "dateReserved": "2011-12-14T00:00:00",
    "dateUpdated": "2024-08-06T18:16:19.382Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-0213\",\"sourceIdentifier\":\"security@debian.org\",\"published\":\"2012-08-07T21:55:01.093\",\"lastModified\":\"2024-11-21T01:34:35.577\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format (CDF) or Compound File Binary Format (CFBF) document.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n UnhandledDataStructure en hwpf/model/UnhandledDataStructure.java en Apache POI v3.8 y anteriores permite a atacantes remotos earlier provocar una denegaci\u00f3n de servicio (excepci\u00f3n OutOfMemoryError y posiblemente desestabilizaci\u00f3n JVM) mediante un valor de longitud manipulado en un Channel Definition Format (CDF) o en un documento Compound File Binary Format (CFBF).\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.8\",\"matchCriteriaId\":\"1CDF1F8B-7A6A-4938-A36C-02985A7299C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBE2279A-42D7-4FBE-A732-55950225E450\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B4D079D-DDA3-41D4-9B19-05BBF8E50095\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEDD83D8-2668-4693-A7FB-48F09E1764F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"806A1439-DBB1-4DB0-9D1C-BB9F686C6C99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF5C9105-FC01-475F-9D89-6A91FBF2949F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C858F25-4858-41C6-9BCB-9665D21F265E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1C3884A-0D34-4256-B2BD-6D7F1A6952EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:0.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6724EEA0-E884-4884-8097-7F833BE58AE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:0.11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31C2DDFE-B1B1-42F3-BDE7-09E1DC1F8FDC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:0.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81846632-36FF-4149-BCA0-C22B65F220A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:0.13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F3B9C2F-F10D-4A83-A624-6D6E3E21032A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:0.14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75DF4E14-87F4-4AF0-9DF8-E1DA10948255\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"148DF854-533C-48DF-ACF2-13A6A07D03EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B08B2CFF-6357-4830-B5F5-C335B4975E19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECEF1F3B-CE2F-4F6B-A78E-38A340092796\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19F54B1C-8894-44F5-AFEC-D0E2863EDB57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:1.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"256470D1-508C-4B0E-B7A3-B2E6357D2372\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57B95965-17EE-4BCF-BFC1-75FEC936F756\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:1.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A135A468-8408-4396-8493-CF62C642F1B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:1.7:dev:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0FD0D91-0BA7-4CC2-9665-387F4A637FB3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:1.8:dev:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2200AC8-A934-45FF-8C38-B4826CEB68E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:1.10:dev:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BEC6E7F-81C4-4728-8BE9-CF8D0E35125F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0395450F-5486-425C-B6BE-549F2CE24C13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:2.0:pre1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC948D61-A860-4E8E-975D-B19929AD27EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:2.0:pre2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1093F797-CF22-4E3D-8F54-3E8F3E7059F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:2.0:pre3:*:*:*:*:*:*\",\"matchCriteriaId\":\"602F0B28-D553-4F29-BFCB-7F4A409E40F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:2.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3202EBFB-B547-4BA2-8219-E00A86995D3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:2.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4466C398-24F7-442F-9327-94E52B73FA7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A7F3423-7636-43DB-8C50-DB83A42D5CFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:2.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05CE5511-6C01-4E19-A351-88B7A944531D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80482643-A5E8-4585-BAD7-E30B40F2552E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.0:alpha1:*:*:*:*:*:*\",\"matchCriteriaId\":\"258A5FF1-C199-4775-9ACC-902D649E751E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.0:alpha2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1F4F15E-0B5E-4DFB-B36C-7470B6454B97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.0:alpha3:*:*:*:*:*:*\",\"matchCriteriaId\":\"22591C38-3610-4910-ABE5-1574446F6650\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1B4039C-1C2A-478F-8F08-9090DD2CEA5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A2FF35B-4D43-4BB2-8C0D-B8A66CFB58CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.0.2:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4855870F-388F-4E72-A4F8-AAE61187A433\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.0.2:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD88A7B3-23BE-411E-9415-B47B5896FFD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E19E7943-2097-4C17-B344-948AB45CA308\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.1:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"11E7FCD1-4FE9-4C36-B1A0-745A48999DC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.1:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"45B1D735-DC16-4B1A-A21D-599E7F12651C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC416E22-96C7-4D15-A7C3-6EA2121DCBD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8F16224-613E-4FC2-A3AB-CD5EB11D4B39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.5:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0004217-3B76-48B1-97F7-F0E548FBD6D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.5:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"392805F3-3B33-4E20-8108-6ED62DFE7480\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.5:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE4F139F-2003-453F-9D09-DBD4F2AEE31C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.5:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"418B65CF-9DB9-4A84-9872-4C87CC3DA76E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.5:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB86DA57-CE46-4651-84E1-409F2375A997\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.5:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"53A87A07-867B-48A9-BC89-47844EF461C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA8F24BA-849D-4C37-8094-EF2B6ABE4493\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F6C7373-073C-4F4E-859A-4EF82EF6FB72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.7:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC7693A6-11AC-4BF9-9307-49D028F19885\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.7:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D435C18-BB4B-4023-8A52-49D44F1A7E9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.7:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"78A2929E-010F-4C4E-AC2D-3C3AC19B5A7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.8:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8D5A4F1-6445-45B9-A938-3AF76D3BE56C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.8:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6861547D-D84E-4C5C-B85E-D3E1B77DE9FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.8:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E585E98A-EB9A-492F-8902-85D99AC8E554\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.8:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EC5C97D-E6B3-466B-A781-60CA5D2AE9B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:poi:3.8:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"258BC823-5828-44B4-AFF5-A7E49281FD10\"}]}]}],\"references\":[{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2012-August/084609.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-1232.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/49040\",\"source\":\"security@debian.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/50549\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21996759\",\"source\":\"security@debian.org\"},{\"url\":\"http://www.debian.org/security/2012/dsa-2468\",\"source\":\"security@debian.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:094\",\"source\":\"security@debian.org\"},{\"url\":\"http://www.securityfocus.com/bid/53487\",\"source\":\"security@debian.org\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=799078\",\"source\":\"security@debian.org\"},{\"url\":\"https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0044\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2012-August/084609.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-1232.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/49040\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/50549\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21996759\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2012/dsa-2468\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:094\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/53487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=799078\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0044\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.