CVE-2014-9527: Loop with Unreachable Exit Condition in Apache POI
(updated )
HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cause a denial of service (infinite loop and deadlock) via a crafted PPT file.
References
- lists.fedoraproject.org/pipermail/package-announce/2015-February/150228.html
- poi.apache.org/changes.html
- secunia.com/advisories/61953
- www-01.ibm.com/support/docview.wss?uid=swg21996759
- access.redhat.com/errata/RHSA-2016:1135
- github.com/advisories/GHSA-x9mm-6gpf-f749
- issues.apache.org/bugzilla/show_bug.cgi?id=57272
- nvd.nist.gov/vuln/detail/CVE-2014-9527
Detect and mitigate CVE-2014-9527 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →