CVE-2016-4434

Published: 30/09/2017 Updated: 07/11/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 605
CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Apache Tika prior to 1.13 does not properly initialize the XML parser or choose handlers, which might allow remote malicious users to conduct XML External Entity (XXE) attacks via vectors involving (1) spreadsheets in OOXML files and (2) XMP metadata in PDF and other file formats, a related issue to CVE-2016-2175.

Vulnerable Product

apache tika 1.12

Vendor Advisories

Debian Bug report logs - #900000 tika: CVE-2018-1339 Package: src:tika; Maintainer for src:tika is Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Thu, 24 May 2018 14:27:01 UTC Severity: important Tags: security, upstream Found in ve ...
Debian Bug report logs - #825501 CVE-2016-4434 Package: src:tika; Maintainer for src:tika is Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>; Reported by: Moritz Muehlenhoff <jmm@debian.org> Date: Fri, 27 May 2016 10:03:02 UTC Severity: grave Tags: fixed-upstream, security, upstream Found in v ...
It was found that the parsing of OOXML, XMP in PDF, and some other file formats by Apache Tika would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks ...

Github Repositories

XXE Study: This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a playground to teach or test with vulnerability scanners / WAF rules / secure configuration settings. Most updated parsers do not allow external entities by default. In this lab, they are deliberately misconfigured to allow external entities.