5 results (0.019 seconds)

CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0

Heap-based buffer overflow in the XML Signature Reference functionality in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.2 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed XPointer expressions. NOTE: this is due to an incorrect fix for CVE-2013-2154. Desbordamiento de búfer basado en memoria dinámica en la funcionalidad XML Signature Reference ein Apache Santuario XML Security para C++ (aka xml-security-c) anterior a 1.7.2, permite a atacantes dependientes del contexto provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de expresiones Xpointer mal formadas. NOTA: Esto se debe a una corrección incorrecta del CVE-2013-2154. • http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0216.html http://santuario.apache.org/secadv.data/CVE-2013-2210.txt http://www.debian.org/security/2013/dsa-2717 https://lists.apache.org/thread.html/680e6938b6412e26d5446054fd31de2011d33af11786b989127d1cc3%40%3Ccommits.santuario.apache.org%3E https://lists.apache.org/thread.html/r1c07a561426ec5579073046ad7f4207cdcef452bb3100abaf908e0cd%40%3Ccommits.santuario.apache.org%3E https://www.tenable.com/security/tns-2018-15 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 13EXPL: 1

The XML digital signature functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 allows context-dependent attackers to reuse signatures and spoof arbitrary content via crafted Reference elements in the Signature, aka "XML Signature Bypass issue." La funcionalidad de firma digital XML (xsec/dsig/DSIGReference.cpp) en Apache Santuario XML Security para C++ (aka xml-security-c) anterior a 1.7.1, permite a atacantes dependientes del contexto reutilizar firmas y suplantar contenido arbitrario a través de elementos Reference manipulados en la firma. Aka "XML Signature Bypass issue." • http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0140.html http://santuario.apache.org/secadv.data/CVE-2013-2153.txt http://svn.apache.org/viewvc/santuario/xml-security-cpp/trunk/xsec/dsig/DSIGReference.cpp?r1=1125514&r2=1493959&pathrev=1493959&diff_format=h http://www.debian.org/security/2013/dsa-2710 https://lists.apache.org/thread.html/680e6938b6412e26d5446054fd31de2011d33af11786b989127d1cc3%40%3Ccommits.santuario.apache.org%3E https://lists.apache.org/thread.html/r1c07a561426ec5579073046ad7f4207cdcef452bb3100abaf908e0 • CWE-310: Cryptographic Issues •

CVSS: 7.5EPSS: 5%CPEs: 13EXPL: 0

Heap-based buffer overflow in the Exclusive Canonicalization functionality (xsec/canon/XSECC14n20010315.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PrefixList attribute. Desbordamiento de búfer basado en memoria dinámica en la funcionalidad Exclusive Canonicalization (xsec/canon/XSECC14n20010315.cpp) en Apache Santuario XML Security para C++ (aka xml-security-c) anterior a 1.7.1 , permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente la ejecución de código arbitrario a través de un atributo PrefixList modificado. • http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0143.html http://santuario.apache.org/secadv.data/CVE-2013-2156.txt http://svn.apache.org/viewvc?view=revision&revision=1493961 http://www.debian.org/security/2013/dsa-2710 https://lists.apache.org/thread.html/680e6938b6412e26d5446054fd31de2011d33af11786b989127d1cc3%40%3Ccommits.santuario.apache.org%3E https://lists.apache.org/thread.html/r1c07a561426ec5579073046ad7f4207cdcef452bb3100abaf908e0cd%40%3Ccommits.santuario.apache.org%3E https://www.tenable.com/security/tns-201 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.8EPSS: 0%CPEs: 13EXPL: 0

Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 does not properly validate length values, which allows remote attackers to cause a denial of service or bypass the CVE-2009-0217 protection mechanism and spoof a signature via crafted length values to the (1) compareBase64StringToRaw, (2) DSIGAlgorithmHandlerDefault, or (3) DSIGAlgorithmHandlerDefault::verify functions. Apache Santuario XML Security para C++ (aka xml-security-c) anterior a 1.7.1, no valida adecuadamente los valores relativos al tamaño, lo que permite a atacantes remotos provocar una denegación de servicio o evitar los mecanismos de protección (CVE-2009-0217) y suplantar una firma a través de tamaños de valores manipulados en las funciones (1) compareBase64StringToRaw, (2) DSIGAlgorithmHandlerDefault, o (3) DSIGAlgorithmHandlerDefault::verify. • http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0142.html http://santuario.apache.org/secadv.data/CVE-2013-2155.txt http://svn.apache.org/viewvc/santuario/xml-security-cpp/trunk/xsec/dsig/DSIGAlgorithmHandlerDefault.cpp?r1=1125752&r2=1493960&pathrev=1493960&diff_format=h http://www.debian.org/security/2013/dsa-2710 https://lists.apache.org/thread.html/680e6938b6412e26d5446054fd31de2011d33af11786b989127d1cc3%40%3Ccommits.santuario.apache.org%3E https://lists.apache.org/thread.html/r1c07a561426ec5579073046ad7f4207cdcef452b • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0

Stack-based buffer overflow in the XML Signature Reference functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed XPointer expressions, probably related to the DSIGReference::getURIBaseTXFM function. Desbordamiento de búfer basado en pila en la funcionalidad Reference (xsec/dsig/DSIGReference.cpp) en Apache Santuario XML Security para C++ (aka xml-security-c) anterior a 1.7.1, permite a atacantes dependientes del contexto provocar una denegación de servicio (caída) y posiblemente la ejecución arbitraria de código a través de expresiones XPointer mal formadas, probablemente relacionadas con la función DSIGReference::getURIBaseTXFM. • http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0141.html http://santuario.apache.org/secadv.data/CVE-2013-2154.txt http://svn.apache.org/viewvc/santuario/xml-security-cpp/trunk/xsec/dsig/DSIGReference.cpp?r1=1125514&r2=1493959&pathrev=1493959&diff_format=h http://www.debian.org/security/2013/dsa-2710 https://lists.apache.org/thread.html/680e6938b6412e26d5446054fd31de2011d33af11786b989127d1cc3%40%3Ccommits.santuario.apache.org%3E https://lists.apache.org/thread.html/r1c07a561426ec5579073046ad7f4207cdcef452bb3100abaf908e0 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •