CVE-2014-9527

Severity: 5.0 MEDIUM
EPSS: 1.2% (top 20.84%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jan 6; Latest update May 17

Description

HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cause a denial of service (infinite loop and deadlock) via a crafted PPT file.

CVSS vector

AV:N/AC:L/C:N/I:N/A:P
Exploitability: 10.0 | Impact: 2.9

Affected Packages (3 packages)

Maven: org.apache.poi:poi < 3.11
Debian: libapache-poi-java < 3.10.1-2+3
NVD: apache/poi 3.11

Also affects: Fedora 20

Vulnerability Details (4)

GHSA: Loop with Unreachable Exit Condition in Apache POI (2022-05-17)
OSV: Loop with Unreachable Exit Condition in Apache POI (2022-05-17)
CVEList: CVE-2014-9527: HSLFSlideShow in Apache POI before 3 (2015-01-06)
OSV: CVE-2014-9527: HSLFSlideShow in Apache POI before 3 (2015-01-06)

Vendor Advisories (2)

Red Hat: apache-poi: denial of service in HSLFSlideShow via corrupted PPT file (2014-12-21)
Debian: CVE-2014-9527: libapache-poi-java - HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cause a denia... (2014)

Community (1)

Bugzilla: CVE-2014-9527 apache-poi: denial of service in HSLFSlideShow via corrupted PPT file (2015-01-12)