The OPC SAX setup in Apache POI before 3.10.1 allows remote attackers to read arbitrary files via an OpenXML file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2014-09-04T17:00:00

Updated: 2024-08-06T10:50:16.343Z

Reserved: 2014-05-14T00:00:00

Link: CVE-2014-3529

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-09-04T17:55:05.623

Modified: 2024-11-21T02:08:18.587

Link: CVE-2014-3529

cve-icon Redhat

Severity : Moderate

Publid Date: 2014-08-18T00:00:00Z

Links: CVE-2014-3529 - Bugzilla