Bug 1181223 (CVE-2014-9527) - CVE-2014-9527 apache-poi: denial of service in HSLFSlideShow via corrupted PPT file
Summary: CVE-2014-9527 apache-poi: denial of service in HSLFSlideShow via corrupted PP...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2014-9527
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1327359 1327347 1327348 1327349 1327350 1327351 1327352 1327353 1327354 1327355
Blocks: 1181227 1335310 1385169
TreeView+ depends on / blocked
 
Reported: 2015-01-12 16:00 UTC by Martin Prpič
Modified: 2019-09-29 13:26 UTC (History)
38 users (show)

Fixed In Version: Apache POI 3.11
Doc Type: Bug Fix
Doc Text:
A denial of service flaw was found in the way the HSLFSlideShow class implementation in Apache POI handled certain PPT files. A remote attacker could submit a specially crafted PPT file that would cause Apache POI to hang indefinitely.
Clone Of:
Environment:
Last Closed: 2019-06-08 02:37:52 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2016:1135 normal SHIPPED_LIVE Important: Red Hat JBoss Data Virtualization security and bug fix update 2016-05-26 23:25:24 UTC

Description Martin Prpič 2015-01-12 16:00:17 UTC
A denial of service flaw was found in the way the HSLFSlideShow class implementation in Apache POI handled certain PPT files. A remote attacker could submit a specially crafted PPT file that would cause Apache POI to hang indefinitely.

Upstream Issue:

https://issues.apache.org/bugzilla/show_bug.cgi?id=57272

Upstream Fix:

https://svn.apache.org/viewvc?view=revision&revision=1643680

Comment 1 gil cattaneo 2015-02-14 16:52:23 UTC
There are some problems to solve for upgrade Apache Poi to 3.11
#1, i have no idea what license they use these files, used by poi-ooxml* artefacts

http://www.ecma-international.org/publications/files/ECMA-ST/Office%20Open%20XML%201st%20edition%20Part%202%20(PDF).zip
http://dublincore.org/schemas/xmls/qdc/2003/04/02/dc.xsd
http://dublincore.org/schemas/xmls/qdc/2003/04/02/dcterms.xsd
http://dublincore.org/schemas/xmls/qdc/2003/04/02/dcmitype.xsd
http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd
http://uri.etsi.org/01903/v1.3.2/XAdES.xsd
http://uri.etsi.org/01903/v1.4.1/XAdESv141.xsd

#2 Apache Poi to 3.11 use xml-security 2.x, xml-security update would cause compatibility problems that for now prefer to avoid

regards

Comment 2 Tomas Hoger 2015-02-15 14:46:47 UTC
Fixed In Version field of Security Response / vulnerability bugs is used to tracked information about what upstream version fixed specific flaws.

Comment 3 Fedora Update System 2015-02-23 07:59:28 UTC
apache-poi-3.10.1-2.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 8 errata-xmlrpc 2016-05-26 19:25:32 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Data Virtualization security and bug fix update

Via RHSA-2016:1135 https://access.redhat.com/errata/RHSA-2016:1135


Note You need to log in before you can comment on or make changes to this bug.