ID CVE-2019-12154
Summary XXE in the XML parser library in RealObjects PDFreactor before 10.1.10722 allows attackers to supply malicious XML content in externally referenced resources, leading to disclosure of local file contents and/or denial of service conditions.
References
Vulnerable Configurations
  • RealObjects PDFreactor 10.0.10702
    cpe:2.3:a:realobjects:pdfreactor:10.0.10702
  • RealObjects PDFreactor 10.0.10722
    cpe:2.3:a:realobjects:pdfreactor:10.0.10722
  • RealObjects PDFreactor 10.0.10722.1
    cpe:2.3:a:realobjects:pdfreactor:10.0.10722.1
  • RealObjects PDFreactor 10.0.10722.2
    cpe:2.3:a:realobjects:pdfreactor:10.0.10722.2
  • RealObjects PDFreactor 10.0.10722.3
    cpe:2.3:a:realobjects:pdfreactor:10.0.10722.3
CVSS
Base: 6.4
Impact:
Exploitability:
CWE CWE-611
CAPEC
Last major update 11-06-2019 - 17:29
Published 11-06-2019 - 17:29
Last modified 13-06-2019 - 09:45
Back to Top