cve/CVE-2017-9096.md at 9ac4b787af2fa0b7575b28040edee6199ce9a667

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 09:12:08 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

900 B

Raw Blame History

CVE-2017-9096

Description

The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not disable external entities, which might allow remote attackers to conduct XML external entity (XXE) attacks via a crafted PDF.

POC

Reference

https://www.oracle.com/security-alerts/cpuoct2020.html

Github

https://github.com/0xCyberY/CVE-T4PDF
https://github.com/ARPSyndicate/cvemon
https://github.com/Anonymous-Phunter/PHunter
https://github.com/CGCL-codes/PHunter
https://github.com/jakabakos/CVE-2017-9096
https://github.com/jakabakos/CVE-2017-9096-iText-XXE

900 B Raw Blame History

CVE-2017-9096

Description

POC

Reference

Github

900 B

Raw Blame History