CVE-2017-8315: XEE
First published: Fri Apr 20 2018(Updated: )
Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an XML External Entity attack. An attacker can exploit the vulnerability by implementing malicious code on Androidmanifest.xml.
Credit: cve@checkpoint.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Eclipse IDE | =2017.2.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-8315?
CVE-2017-8315 is classified as a high-severity vulnerability due to its potential to allow XML External Entity attacks.
How do I fix CVE-2017-8315?
To fix CVE-2017-8315, update Eclipse IDE to version 2017.2.6 or later.
What products are affected by CVE-2017-8315?
CVE-2017-8315 affects Eclipse IDE versions 2017.2.5 and earlier.
What can an attacker do using CVE-2017-8315?
An attacker can exploit CVE-2017-8315 to execute malicious XML code on Androidmanifest.xml.
Is there any workaround for CVE-2017-8315?
There are no known effective workarounds for CVE-2017-8315, so upgrading the software is recommended.
- collector/nvd-index
- agent/references
- agent/softwarecombine
- agent/type
- agent/author
- agent/severity
- agent/weakness
- agent/description
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- vendor/eclipse
- canonical/eclipse ide
- version/eclipse ide/2017.2.5