Apache PDFBox CVE-2016-2175 XML External Entity Injection Vulnerability

Bugtraq ID: 90902
Class: Design Error
CVE: CVE-2016-2175
Remote: Yes
Local: No
Published: May 27 2016 12:00AM
Updated: Jan 12 2017 01:10AM
Credit: Arthur Khashaev, Seulgi Kim, Mesut Timur and Microsoft Vulnerability Research.
Vulnerable: IBM FileNet Content Manager 5.2.1
IBM FileNet Content Manager 5.2.0
IBM FileNet Content Manager 5.1.0
IBM Content Foundation 5.2.1
IBM Content Foundation 5.2.0
Apache PDFBox 2.0
Apache PDFBox 1.8.11
Apache PDFBox 1.8.10
Apache PDFBox 1.8.9
Apache PDFBox 1.8.8
Apache PDFBox 1.8.7
Apache PDFBox 1.8.6
Apache PDFBox 1.8.5
Apache PDFBox 1.8.4
Apache PDFBox 1.8.3
Apache PDFBox 1.8.2
Apache PDFBox 1.8.1
Apache PDFBox 1.8
Not Vulnerable: Apache PDFBox 2.0.1
Apache PDFBox 1.8.12


 

Privacy Statement
Copyright 2010, SecurityFocus