XML External Entity Vulnerability in Redland Raptor Used by OpenOffice and LibreOffice
CVE-2012-0037

6.5MEDIUM

Key Information:

Vendor

Apache
Status
Openoffice.org
Libraptor
Vendor
CVE Published:
17 June 2012

What is CVE-2012-0037?

Redland Raptor, a library utilized in OpenOffice and LibreOffice, is susceptible to an XML External Entity (XXE) attack. This vulnerability enables user-assisted remote attackers to read arbitrary files on the system by employing a specially crafted XML external entity declaration in an RDF document. Attackers can exploit this weakness to gain unauthorized access to sensitive information, making it essential for users of the affected software to apply necessary security updates and patches.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/60799
third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/48526
third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/48479
third-party-advisoryx_refsource_SECUNIA

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.