Refine your search
1 vulnerability found for Eclipse by Check Point Software Technologies Ltd.
CVE-2017-8315 (GCVE-0-2017-8315)
Vulnerability from cvelistv5
Published
2018-04-20 19:00
Modified
2024-09-17 02:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Local Privilege Escalation
Summary
Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an XML External Entity attack. An attacker can exploit the vulnerability by implementing malicious code on Androidmanifest.xml.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Check Point Software Technologies Ltd. | Eclipse |
Version: All version lower or equal to 2017.2.5 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:34:22.951Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=519169"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://research.checkpoint.com/parsedroid-targeting-android-development-research-community/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Eclipse",
"vendor": "Check Point Software Technologies Ltd.",
"versions": [
{
"status": "affected",
"version": "All version lower or equal to 2017.2.5"
}
]
}
],
"datePublic": "2017-12-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an XML External Entity attack. An attacker can exploit the vulnerability by implementing malicious code on Androidmanifest.xml."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Local Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-20T18:57:01.000Z",
"orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"shortName": "checkpoint"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=519169"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://research.checkpoint.com/parsedroid-targeting-android-development-research-community/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@checkpoint.com",
"DATE_PUBLIC": "2017-12-04T00:00:00",
"ID": "CVE-2017-8315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Eclipse",
"version": {
"version_data": [
{
"version_value": "All version lower or equal to 2017.2.5"
}
]
}
}
]
},
"vendor_name": "Check Point Software Technologies Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an XML External Entity attack. An attacker can exploit the vulnerability by implementing malicious code on Androidmanifest.xml."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Local Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=519169",
"refsource": "CONFIRM",
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=519169"
},
{
"name": "https://research.checkpoint.com/parsedroid-targeting-android-development-research-community/",
"refsource": "MISC",
"url": "https://research.checkpoint.com/parsedroid-targeting-android-development-research-community/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"assignerShortName": "checkpoint",
"cveId": "CVE-2017-8315",
"datePublished": "2018-04-20T19:00:00.000Z",
"dateReserved": "2017-04-28T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:37:41.460Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}