CVE-2014-3574
published 2014-09-04CVE-2014-3574: Apache POI before 3.10.1 and 3.11.x before 3.11-beta2 allows remote attackers to cause a denial of service (CPU consumption and crash) via a crafted OOXML…
medium4.3CVSS 3.1
AVNACMAuNCNINAP
Apache POI before 3.10.1 and 3.11.x before 3.11-beta2 allows remote attackers to cause a denial of service (CPU consumption and crash) via a crafted OOXML file, aka an XML Entity Expansion (XEE) attack.
Affected
39 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | poi | <= 3.10 | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
| apache | poi | — | — |
CVSS provenance
nvd4.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM