CVSS: 7.5 | EPSS: 0% | CPEs: 2 | EXPL: 1

Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD.

A stack exhaustion flaw was found in the way Xerces-C XML parser handled deeply nested DTDs. An attacker could potentially use this flaw to crash an application using Xerces-C by tricking it into processing specially crafted data.

References:
• https://github.com/arntsonl/CVE-2016-4463
• http://lists.opensuse.org/opensuse-updates/2016-07/msg00053.html
• http://lists.opensuse.org/opensuse-updates/2016-09/msg00013.html
• http://packetstormsecurity.com/files/137714/Apache-Xerces-C-XML-Parser-Crash.html
• http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
• http://www.securityfocus.com/archive/1/538784/100/0/threaded
• http://www.securityfocus.com/bid/91501
• http://www.securitytracker.com/id/1036211
• http://xerces.apache&#

Weaknesses:
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
• CWE-121: Stack-based Buffer Overflow

CVSS: 10.0 | EPSS: 0% | CPEs: 2 | EXPL: 0

Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document.

References:
• http://lists.opensuse.org/opensuse-updates/2016-07/msg00016.html
• http://lists.opensuse.org/opensuse-updates/2016-07/msg00053.html
• http://lists.opensuse.org/opensuse-updates/2016-09/msg00013.html
• http://www.debian.org/security/2016/dsa-3579
• http://www.openwall.com/lists/oss-security/2016/05/09/7
• http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
• http://www.securityfocus.com/bid/90502
• https://issues.apache.org/jira/browse/XERCESC-2066
• https://security.gento

CVSS: 5.0 | EPSS: 4% | CPEs: 5 | EXPL: 1

internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.

A flaw was found in the way the Xerces-C XML parser processed certain XML documents. A remote attacker could provide specially crafted XML input that, when parsed by an application using Xerces-C, would cause that application to crash.

References:
• https://www.exploit-db.com/exploits/36906
• http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152882.html
• http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153094.html
• http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153829.html
• http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153887.html
• http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153903.html
• http://lists.fedoraproject.org/pipermail/package-announce/2015-March/1539

Weaknesses:
• CWE-20: Improper Input Validation
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 4.3 | EPSS: 0% | CPEs: 2 | EXPL: 1

Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework.

References:
• http://secunia.com/advisories/36201
• http://svn.apache.org/viewvc/xerces/c/trunk/src/xercesc/validators/DTD/DTDScanner.cpp?r1=781488&r2=781487&pathrev=781488&view=patch
• http://svn.apache.org/viewvc?view=rev&revision=781488
• http://www.cert.fi/en/reports/2009/vulnerability2009085.html
• http://www.codenomicon.com/labs/xml
• http://www.mandriva.com/security/advisories?name=MDVSA-2009:223
• http://www.networkworld.com/columnists/2009/080509-xml-flaw.html
• http://www.securityfocus.com/bid/35986

Weaknesses:
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 7.8 | EPSS: 0% | CPEs: 18 | EXPL: 1

The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file.

References:
• http://issues.apache.org/jira/browse/XERCESC-1051
• http://secunia.com/advisories/32108
• http://www.securityfocus.com/bid/31533
• http://xerces.apache.org/xerces-c/releases.html
• https://exchange.xforce.ibmcloud.com/vulnerabilities/45596

Weaknesses:
• CWE-20: Improper Input Validation