CVE-2012-0213

CVSS v2.0 5 (Medium)

EPSS 0.98 % (84^th)

Affected Products 1

Advisories 4

The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format (CDF) or Compound File Binary Format (CFBF) document.

Weaknesses

CWE-399: Resource Management Errors

CVE Status: PUBLISHED
CNA: Debian GNU/Linux
Published Date: 2012-08-07 21:55:01
(12 years ago)
Updated Date: 2017-02-11 02:59:00
(7 years ago)

Affected Products

Apache

Configuration #1

	CPE23	Up To
Apache Poi 3.8 and prior versions	cpe:2.3:a:apache:poi	<= 3.8
Apache Poi 0.1	cpe:2.3:a:apache:poi:0.1
Apache Poi 0.2	cpe:2.3:a:apache:poi:0.2
Apache Poi 0.3	cpe:2.3:a:apache:poi:0.3
Apache Poi 0.4	cpe:2.3:a:apache:poi:0.4
Apache Poi 0.5	cpe:2.3:a:apache:poi:0.5
Apache Poi 0.6	cpe:2.3:a:apache:poi:0.6
Apache Poi 0.7	cpe:2.3:a:apache:poi:0.7
Apache Poi 0.10.0	cpe:2.3:a:apache:poi:0.10.0
Apache Poi 0.11.0	cpe:2.3:a:apache:poi:0.11.0
Apache Poi 0.12.0	cpe:2.3:a:apache:poi:0.12.0
Apache Poi 0.13.0	cpe:2.3:a:apache:poi:0.13.0
Apache Poi 0.14.0	cpe:2.3:a:apache:poi:0.14.0
Apache Poi 1.0.0	cpe:2.3:a:apache:poi:1.0.0
Apache Poi 1.0.1	cpe:2.3:a:apache:poi:1.0.1
Apache Poi 1.0.2	cpe:2.3:a:apache:poi:1.0.2
Apache Poi 1.1.0	cpe:2.3:a:apache:poi:1.1.0
Apache Poi 1.2.0	cpe:2.3:a:apache:poi:1.2.0
Apache Poi 1.5	cpe:2.3:a:apache:poi:1.5
Apache Poi 1.5.1	cpe:2.3:a:apache:poi:1.5.1
Apache Poi 1.7 Dev	cpe:2.3:a:apache:poi:1.7:dev
Apache Poi 1.8 Dev	cpe:2.3:a:apache:poi:1.8:dev
Apache Poi 1.10 Dev	cpe:2.3:a:apache:poi:1.10:dev
Apache Poi 2.0	cpe:2.3:a:apache:poi:2.0
Apache Poi 2.0 Pre1	cpe:2.3:a:apache:poi:2.0:pre1
Apache Poi 2.0 Pre2	cpe:2.3:a:apache:poi:2.0:pre2
Apache Poi 2.0 Pre3	cpe:2.3:a:apache:poi:2.0:pre3
Apache Poi 2.0 Rc1	cpe:2.3:a:apache:poi:2.0:rc1
Apache Poi 2.0 Rc2	cpe:2.3:a:apache:poi:2.0:rc2
Apache Poi 2.5	cpe:2.3:a:apache:poi:2.5
Apache Poi 2.5.1	cpe:2.3:a:apache:poi:2.5.1
Apache Poi 3.0	cpe:2.3:a:apache:poi:3.0
Apache Poi 3.0 Alpha1	cpe:2.3:a:apache:poi:3.0:alpha1
Apache Poi 3.0 Alpha2	cpe:2.3:a:apache:poi:3.0:alpha2
Apache Poi 3.0 Alpha3	cpe:2.3:a:apache:poi:3.0:alpha3
Apache Poi 3.0.1	cpe:2.3:a:apache:poi:3.0.1
Apache Poi 3.0.2	cpe:2.3:a:apache:poi:3.0.2
Apache Poi 3.0.2 Beta1	cpe:2.3:a:apache:poi:3.0.2:beta1
Apache Poi 3.0.2 Beta2	cpe:2.3:a:apache:poi:3.0.2:beta2
Apache Poi 3.1	cpe:2.3:a:apache:poi:3.1
Apache Poi 3.1 Beta1	cpe:2.3:a:apache:poi:3.1:beta1
Apache Poi 3.1 Beta2	cpe:2.3:a:apache:poi:3.1:beta2
Apache Poi 3.2	cpe:2.3:a:apache:poi:3.2
Apache Poi 3.5	cpe:2.3:a:apache:poi:3.5
Apache Poi 3.5 Beta1	cpe:2.3:a:apache:poi:3.5:beta1
Apache Poi 3.5 Beta2	cpe:2.3:a:apache:poi:3.5:beta2
Apache Poi 3.5 Beta3	cpe:2.3:a:apache:poi:3.5:beta3
Apache Poi 3.5 Beta4	cpe:2.3:a:apache:poi:3.5:beta4
Apache Poi 3.5 Beta5	cpe:2.3:a:apache:poi:3.5:beta5
Apache Poi 3.5 Beta6	cpe:2.3:a:apache:poi:3.5:beta6
Apache Poi 3.6	cpe:2.3:a:apache:poi:3.6
Apache Poi 3.7	cpe:2.3:a:apache:poi:3.7
Apache Poi 3.7 Beta1	cpe:2.3:a:apache:poi:3.7:beta1
Apache Poi 3.7 Beta2	cpe:2.3:a:apache:poi:3.7:beta2
Apache Poi 3.7 Beta3	cpe:2.3:a:apache:poi:3.7:beta3
Apache Poi 3.8 Beta1	cpe:2.3:a:apache:poi:3.8:beta1
Apache Poi 3.8 Beta2	cpe:2.3:a:apache:poi:3.8:beta2
Apache Poi 3.8 Beta3	cpe:2.3:a:apache:poi:3.8:beta3
Apache Poi 3.8 Beta4	cpe:2.3:a:apache:poi:3.8:beta4
Apache Poi 3.8 Beta5	cpe:2.3:a:apache:poi:3.8:beta5