ByteOS Network

NVD Vulnerability Details :

CVE-2017-8316

Modified

Source-cve@checkpoint.com

Published At-03 Aug, 2018 | 15:29

Updated At-07 Nov, 2023 | 02:50

IntelliJ IDEA XML parser was found vulnerable to XML External Entity attack, an attacker can exploit the vulnerability by implementing malicious code on both Androidmanifest.xml.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.0	7.5	HIGH	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary	2.0	7.8	HIGH	AV:N/AC:L/Au:N/C:C/I:N/A:N

Type: Primary

Version: 3.0

Base score: 7.5

Base severity: HIGH

Vector:

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Type: Primary

Version: 2.0

Base score: 7.8

Base severity: HIGH

Vector:

AV:N/AC:L/Au:N/C:C/I:N/A:N

CPE Matches

JetBrains s.r.o.

>>intellij_idea>>Versions before 2017.2.2(exclusive)

cpe:2.3:a:jetbrains:intellij_idea:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-611	Primary	nvd@nist.gov

CWE ID: CWE-611

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://git.jetbrains.org/?p=idea/adt-tools-base.git%3Ba=commit%3Bh=a778b2b88515513654e002cd51cbe8eb8226e96b	cve@checkpoint.com	N/A
https://research.checkpoint.com/parsedroid-targeting-android-development-research-community/	cve@checkpoint.com	Exploit Third Party Advisory
https://youtrack.jetbrains.com/issue/IDEA-175381	cve@checkpoint.com	Broken Link

Hyperlink: http://git.jetbrains.org/?p=idea/adt-tools-base.git%3Ba=commit%3Bh=a778b2b88515513654e002cd51cbe8eb8226e96b

Source: cve@checkpoint.com

Resource: N/A

Hyperlink: https://research.checkpoint.com/parsedroid-targeting-android-development-research-community/

Source: cve@checkpoint.com

Resource:

Exploit

Third Party Advisory

Hyperlink: https://youtrack.jetbrains.com/issue/IDEA-175381

Source: cve@checkpoint.com

Resource:

Broken Link

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History