Описание
HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cause a denial of service (infinite loop and deadlock) via a crafted PPT file.
A denial of service flaw was found in the way the HSLFSlideShow class implementation in Apache POI handled certain PPT files. A remote attacker could submit a specially crafted PPT file that would cause Apache POI to hang indefinitely.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat BPM Suite 6 | apache-poi | Affected | ||
| Red Hat Enterprise Virtualization 3 | jasperreports-server-pro | Under investigation | ||
| Red Hat JBoss BRMS 5 | apache-poi | Will not fix | ||
| Red Hat JBoss BRMS 6 | apache-poi | Affected | ||
| Red Hat JBoss Fuse Service Works 6 | apache-poi | Affected | ||
| Red Hat JBoss Portal 6 | apache-poi | Will not fix | ||
| Red Hat Satellite 5.6 | jakarta-poi | Under investigation | ||
| Red Hat JBoss Data Virtualization 6.2 | apache-poi | Fixed | RHSA-2016:1135 | 26.05.2016 |
Показывать по
Дополнительная информация
Статус:
4.3 Medium
CVSS2
Связанные уязвимости
HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cause a denial of service (infinite loop and deadlock) via a crafted PPT file.
HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cause a denial of service (infinite loop and deadlock) via a crafted PPT file.
HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cau ...
4.3 Medium
CVSS2