CVE-2016-4434

CVE-2016-4434

Apache Tika before 1.13 does not properly initialize the XML parser or choose handlers, which might allow remote attackers to conduct XML External Entity (XXE) attacks via vectors involving (1) spreadsheets in OOXML files and (2) XMP metadata in PDF and other file formats, a related issue to CVE-2016-2175.

Source: CVE-2016-4434

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다