CVE-2017-8315

Sažetak

Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an XML External Entity attack. An attacker can exploit the vulnerability by implementing malicious code on Androidmanifest.xml.

Reference

https://bugs.eclipse.org/bugs/show_bug.cgi?id=519169
https://research.checkpoint.com/parsedroid-targeting-android-development-research-community/

CVSS

Base:	7.8
Impact:	6.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:N/A:N

Zadnje važnije ažuriranje

22-05-2018 - 15:33

Objavljeno

20-04-2018 - 19:29