Vulnerability Details CVE-2017-8316
IntelliJ IDEA XML parser was found vulnerable to XML External Entity attack, an attacker can exploit the vulnerability by implementing malicious code on both Androidmanifest.xml.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 0.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 7.8
References
- http://git.jetbrains.org/?p=idea/adt-tools-base.git%3Ba=commit%3Bh=a778b2b88515513654e002cd51cbe8eb8226e96b
- https://research.checkpoint.com/parsedroid-targeting-android-development-research-community/
- https://youtrack.jetbrains.com/issue/IDEA-175381
- http://git.jetbrains.org/?p=idea/adt-tools-base.git%3Ba=commit%3Bh=a778b2b88515513654e002cd51cbe8eb8226e96b
- https://research.checkpoint.com/parsedroid-targeting-android-development-research-community/
- https://youtrack.jetbrains.com/issue/IDEA-175381
Products affected by CVE-2017-8316
-
cpe:2.3:a:jetbrains:intellij_idea:-
-
cpe:2.3:a:jetbrains:intellij_idea:10.5.2
-
cpe:2.3:a:jetbrains:intellij_idea:11.0
-
cpe:2.3:a:jetbrains:intellij_idea:11.0.1
-
cpe:2.3:a:jetbrains:intellij_idea:11.0.2
-
cpe:2.3:a:jetbrains:intellij_idea:11.1
-
cpe:2.3:a:jetbrains:intellij_idea:11.1.1
-
cpe:2.3:a:jetbrains:intellij_idea:11.1.2
-
cpe:2.3:a:jetbrains:intellij_idea:11.1.3
-
cpe:2.3:a:jetbrains:intellij_idea:11.1.4
-
cpe:2.3:a:jetbrains:intellij_idea:11.1.5
-
cpe:2.3:a:jetbrains:intellij_idea:12.0
-
cpe:2.3:a:jetbrains:intellij_idea:12.0.1
-
cpe:2.3:a:jetbrains:intellij_idea:12.0.2
-
cpe:2.3:a:jetbrains:intellij_idea:12.0.3
-
cpe:2.3:a:jetbrains:intellij_idea:12.0.4
-
cpe:2.3:a:jetbrains:intellij_idea:12.1
-
cpe:2.3:a:jetbrains:intellij_idea:12.1.1
-
cpe:2.3:a:jetbrains:intellij_idea:12.1.2
-
cpe:2.3:a:jetbrains:intellij_idea:12.1.3
-
cpe:2.3:a:jetbrains:intellij_idea:12.1.4
-
cpe:2.3:a:jetbrains:intellij_idea:12.1.5
-
cpe:2.3:a:jetbrains:intellij_idea:12.1.6
-
cpe:2.3:a:jetbrains:intellij_idea:12.1.7
-
cpe:2.3:a:jetbrains:intellij_idea:12.1.8
-
cpe:2.3:a:jetbrains:intellij_idea:13.0
-
cpe:2.3:a:jetbrains:intellij_idea:13.0.1
-
cpe:2.3:a:jetbrains:intellij_idea:13.0.2
-
cpe:2.3:a:jetbrains:intellij_idea:13.0.3
-
cpe:2.3:a:jetbrains:intellij_idea:13.0.4
-
cpe:2.3:a:jetbrains:intellij_idea:13.0.5
-
cpe:2.3:a:jetbrains:intellij_idea:13.1
-
cpe:2.3:a:jetbrains:intellij_idea:13.1.1
-
cpe:2.3:a:jetbrains:intellij_idea:13.1.2
-
cpe:2.3:a:jetbrains:intellij_idea:13.1.3
-
cpe:2.3:a:jetbrains:intellij_idea:13.1.4
-
cpe:2.3:a:jetbrains:intellij_idea:13.1.5
-
cpe:2.3:a:jetbrains:intellij_idea:13.1.6
-
cpe:2.3:a:jetbrains:intellij_idea:13.1.7
-
cpe:2.3:a:jetbrains:intellij_idea:14.0
-
cpe:2.3:a:jetbrains:intellij_idea:14.0.1
-
cpe:2.3:a:jetbrains:intellij_idea:14.0.2
-
cpe:2.3:a:jetbrains:intellij_idea:14.0.3
-
cpe:2.3:a:jetbrains:intellij_idea:14.0.4
-
cpe:2.3:a:jetbrains:intellij_idea:14.0.5
-
cpe:2.3:a:jetbrains:intellij_idea:14.1
-
cpe:2.3:a:jetbrains:intellij_idea:14.1.1
-
cpe:2.3:a:jetbrains:intellij_idea:14.1.2
-
cpe:2.3:a:jetbrains:intellij_idea:14.1.3
-
cpe:2.3:a:jetbrains:intellij_idea:14.1.4
-
cpe:2.3:a:jetbrains:intellij_idea:14.1.5
-
cpe:2.3:a:jetbrains:intellij_idea:14.1.6
-
cpe:2.3:a:jetbrains:intellij_idea:14.1.7
-
cpe:2.3:a:jetbrains:intellij_idea:15.0
-
cpe:2.3:a:jetbrains:intellij_idea:15.0.1
-
cpe:2.3:a:jetbrains:intellij_idea:15.0.2
-
cpe:2.3:a:jetbrains:intellij_idea:15.0.3
-
cpe:2.3:a:jetbrains:intellij_idea:15.0.4
-
cpe:2.3:a:jetbrains:intellij_idea:15.0.5
-
cpe:2.3:a:jetbrains:intellij_idea:15.0.6
-
cpe:2.3:a:jetbrains:intellij_idea:2016.1
-
cpe:2.3:a:jetbrains:intellij_idea:2016.1.1
-
cpe:2.3:a:jetbrains:intellij_idea:2016.1.2
-
cpe:2.3:a:jetbrains:intellij_idea:2016.1.3
-
cpe:2.3:a:jetbrains:intellij_idea:2016.1.4
-
cpe:2.3:a:jetbrains:intellij_idea:2016.2
-
cpe:2.3:a:jetbrains:intellij_idea:2016.2.1
-
cpe:2.3:a:jetbrains:intellij_idea:2016.2.2
-
cpe:2.3:a:jetbrains:intellij_idea:2016.2.3
-
cpe:2.3:a:jetbrains:intellij_idea:2016.2.4
-
cpe:2.3:a:jetbrains:intellij_idea:2016.2.5
-
cpe:2.3:a:jetbrains:intellij_idea:2016.3
-
cpe:2.3:a:jetbrains:intellij_idea:2016.3.2
-
cpe:2.3:a:jetbrains:intellij_idea:2016.3.3
-
cpe:2.3:a:jetbrains:intellij_idea:2016.3.4
-
cpe:2.3:a:jetbrains:intellij_idea:2016.3.5
-
cpe:2.3:a:jetbrains:intellij_idea:2016.3.6
-
cpe:2.3:a:jetbrains:intellij_idea:2016.3.7
-
cpe:2.3:a:jetbrains:intellij_idea:2016.3.8
-
cpe:2.3:a:jetbrains:intellij_idea:2017.1
-
cpe:2.3:a:jetbrains:intellij_idea:2017.1.1
-
cpe:2.3:a:jetbrains:intellij_idea:2017.1.2
-
cpe:2.3:a:jetbrains:intellij_idea:2017.1.3
-
cpe:2.3:a:jetbrains:intellij_idea:2017.1.4
-
cpe:2.3:a:jetbrains:intellij_idea:2017.1.5
-
cpe:2.3:a:jetbrains:intellij_idea:2017.1.6
-
cpe:2.3:a:jetbrains:intellij_idea:2017.2
-
cpe:2.3:a:jetbrains:intellij_idea:2017.2.1
-
cpe:2.3:a:jetbrains:intellij_idea:9.0.3
-
cpe:2.3:a:jetbrains:intellij_idea:9.0.4