Vulnerabilities > CVE-2017-8316 - XXE vulnerability in Jetbrains Intellij Idea
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
IntelliJ IDEA XML parser was found vulnerable to XML External Entity attack, an attacker can exploit the vulnerability by implementing malicious code on both Androidmanifest.xml.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- http://git.jetbrains.org/?p=idea/adt-tools-base.git%3Ba=commit%3Bh=a778b2b88515513654e002cd51cbe8eb8226e96b
- http://git.jetbrains.org/?p=idea/adt-tools-base.git%3Ba=commit%3Bh=a778b2b88515513654e002cd51cbe8eb8226e96b
- https://research.checkpoint.com/parsedroid-targeting-android-development-research-community/
- https://research.checkpoint.com/parsedroid-targeting-android-development-research-community/
- https://youtrack.jetbrains.com/issue/IDEA-175381
- https://youtrack.jetbrains.com/issue/IDEA-175381