← Back to CVEs
CVE-2014-3574
N/ADescription
Apache POI before 3.10.1 and 3.11.x before 3.11-beta2 allows remote attackers to cause a denial of service (CPU consumption and crash) via a crafted OOXML file, aka an XML Entity Expansion (XEE) attack.
CVE Details
CVSS v3.1 ScoreN/A
Published9/4/2014
Last Modified4/12/2025
Sourcenvd
Honeypot Sightings0
Affected Products
apache:poi
References
http://poi.apache.org/changes.html(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2014-1370.html(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2014-1398.html(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2014-1399.html(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2014-1400.html(secalert@redhat.com)
http://secunia.com/advisories/59943(secalert@redhat.com)
http://secunia.com/advisories/60419(secalert@redhat.com)
http://secunia.com/advisories/61766(secalert@redhat.com)
http://www-01.ibm.com/support/docview.wss?uid=swg21996759(secalert@redhat.com)
http://www.apache.org/dist/poi/release/RELEASE-NOTES.txt(secalert@redhat.com)
http://www.securityfocus.com/bid/69648(secalert@redhat.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95768(secalert@redhat.com)
https://lucene.apache.org/solr/solrnews.html#18-august-2014-recommendation-to-update-apache-poi-in-apache-solr-480-481-and-490-installations(secalert@redhat.com)
http://poi.apache.org/changes.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2014-1370.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2014-1398.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2014-1399.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2014-1400.html(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59943(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/60419(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/61766(af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21996759(af854a3a-2127-422b-91ae-364da2661108)
http://www.apache.org/dist/poi/release/RELEASE-NOTES.txt(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/69648(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95768(af854a3a-2127-422b-91ae-364da2661108)
https://lucene.apache.org/solr/solrnews.html#18-august-2014-recommendation-to-update-apache-poi-in-apache-solr-480-481-and-490-installations(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.