 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.10.2014.0550 |
| Kategorie: | Mageia Linux Local Security Checks |
| Titel: | Mageia: Security Advisory (MGASA-2014-0550) |
| Zusammenfassung: | The remote host is missing an update for the 'apache-poi' package(s) announced via the MGASA-2014-0550 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'apache-poi' package(s) announced via the MGASA-2014-0550 advisory. Vulnerability Insight: Updated apache-poi packages fix security vulnerabilities: It was found that Apache POI would resolve entities in OOXML documents. A remote attacker able to supply OOXML documents that are parsed by Apache POI could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks (CVE-2014-3529). It was found that Apache POI would expand an unlimited number of entities in OOXML documents. A remote attacker able to supply OOXML documents that are parsed by Apache POI could use this flaw to trigger a denial of service attack via excessive CPU and memory consumption (CVE-2014-3574). Affected Software/OS: 'apache-poi' package(s) on Mageia 4. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2014-3529 BugTraq ID: 69647 http://www.securityfocus.com/bid/69647 BugTraq ID: 78018 http://www.securityfocus.com/bid/78018 RedHat Security Advisories: RHSA-2014:1370 http://rhn.redhat.com/errata/RHSA-2014-1370.html RedHat Security Advisories: RHSA-2014:1398 http://rhn.redhat.com/errata/RHSA-2014-1398.html RedHat Security Advisories: RHSA-2014:1399 http://rhn.redhat.com/errata/RHSA-2014-1399.html RedHat Security Advisories: RHSA-2014:1400 http://rhn.redhat.com/errata/RHSA-2014-1400.html http://secunia.com/advisories/59943 http://secunia.com/advisories/60419 http://secunia.com/advisories/61766 XForce ISS Database: apache-poi-cve20143529-info-disc(95770) https://exchange.xforce.ibmcloud.com/vulnerabilities/95770 Common Vulnerability Exposure (CVE) ID: CVE-2014-3574 BugTraq ID: 69648 http://www.securityfocus.com/bid/69648 XForce ISS Database: apache-poi-cve20143574-dos(95768) https://exchange.xforce.ibmcloud.com/vulnerabilities/95768 |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |