Описание
Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and earlier allows a remote unauthenticated attacker to conduct an XML External Entity (XXE) attack to cause a denial of service (DoS) condition to the other servers by processing a specially crafted XML document.
Ссылки
- Third Party Advisory
- PatchVendor Advisory
- Third Party Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.2 (исключая)
Одно из
cpe:2.3:a:antennahouse:office_server_document_converter:*:*:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:5.2:-:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:6.0:-:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:6.0:mr1:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:6.0:mr2:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:6.1:-:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:6.1:mr2:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:6.1:mr2:*:*:pro:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:6.1:mr3:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:6.1:mr4:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.0:*:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.0:mr1:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.0:mr2:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.0:mr3:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.1:-:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.1:mr1:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.1:mr2:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.1:mr3:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.2:*:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.2:mr1:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.2:mr2:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.2:mr3:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.2:mr4:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.0042
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-611
Связанные уязвимости
github
больше 3 лет назад
Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and earlier allows a remote unauthenticated attacker to conduct an XML External Entity (XXE) attack to cause a denial of service (DoS) condition to the other servers by processing a specially crafted XML document.
EPSS
Процентиль: 61%
0.0042
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-611