Rewterz Threat Advisory – Mozilla Firefox, Firefox ESR, Firefox for Android, Focus, Thunderbird Vulnerabilities
March 7, 2022Rewterz Threat Advisory – CVE-2022-24725 – Node.js shescape module Vulnerability
March 7, 2022Rewterz Threat Advisory – Mozilla Firefox, Firefox ESR, Firefox for Android, Focus, Thunderbird Vulnerabilities
March 7, 2022Rewterz Threat Advisory – CVE-2022-24725 – Node.js shescape module Vulnerability
March 7, 2022Severity
Medium
Analysis Summary
CVE-2022-26336
Apache POI is vulnerable to a denial of service, caused by an out-of-memory exception flaw in the HMEF package. By persuading a victim to open a specially-crafted TNEF file, a remote attacker could exploit this vulnerability to cause the server to crash.
Impact
- Denial of Services
Indicators Of Compromise
CVE
- CVE-2022-26336
Affected Vendors
Apache
Affected Products
- Apache POI 5.2.0
Remediation
Upgrade to the latest version of Apache POI, available from the Apache Web site.