CPE-224A6F46-D0D8-445E-A44D-95B4DA9AADEB Detail

CPE Details

Apache Software Foundation POI 3. alpha1

Vendor

apache

Product

poi

Version

3.0

Created

2012-08-08
14h44 +00:00

Modified

2012-08-21
21h52 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:apache:poi:3.0:alpha1::::::

Informations

Vendor

apache

Product

poi

Version

3.0

Update

alpha1

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2022-26336	2022-03-03 23h00 +00:00	A shortcoming in the HMEF package of poi-scratchpad (Apache POI) allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files (Microsoft Outlook and Microsoft Exchange Server). If an application uses poi-scratchpad to parse TNEF files and the application allows untrusted users to supply them, then a carefully crafted file can cause an Out of Memory exception. This issue affects poi-scratchpad version 5.2.0 and prior versions. Users are recommended to upgrade to poi-scratchpad 5.2.1.	5.5	Medium
CVE-2019-12415	2019-10-23 17h27 +00:00	In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing.	5.5	Medium
CVE-2017-12626	2018-01-29 17h00 +00:00	Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1) Infinite Loops while parsing crafted WMF, EMF, MSG and macros (POI bugs 61338 and 61294), and 2) Out of Memory Exceptions while parsing crafted DOC, PPT and XLS (POI bugs 52372 and 61295).	7.5	High
CVE-2017-5644	2017-03-24 13h00 +00:00	Apache POI in versions prior to release 3.15 allows remote attackers to cause a denial of service (CPU consumption) via a specially crafted OOXML file, aka an XML Entity Expansion (XEE) attack.	5.5	Medium
CVE-2016-5000	2016-08-05 12h00 +00:00	The XLSX2CSV example in Apache POI before 3.14 allows remote attackers to read arbitrary files via a crafted OpenXML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.	5.5	Medium
CVE-2014-3529	2014-09-04 15h00 +00:00	The OPC SAX setup in Apache POI before 3.10.1 allows remote attackers to read arbitrary files via an OpenXML file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.	4.3
CVE-2014-3574	2014-09-04 15h00 +00:00	Apache POI before 3.10.1 and 3.11.x before 3.11-beta2 allows remote attackers to cause a denial of service (CPU consumption and crash) via a crafted OOXML file, aka an XML Entity Expansion (XEE) attack.	4.3
CVE-2012-0213	2012-08-07 19h00 +00:00	The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format (CDF) or Compound File Binary Format (CFBF) document.	5

Apache Software Foundation POI 3. alpha1

CPE Details

CPE Name: cpe:2.3:a:apache:poi:3.0:alpha1:*:*:*:*:*:*

Informations

Vendor

Product

Version

Update

Related CVE

CPE Name: cpe:2.3:a:apache:poi:3.0:alpha1::::::