CVE-2016-0718

Опубликовано: 26 мая 2016

Источник: debian

EPSS Низкий

Описание

Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
expat	fixed	2.1.1-2		package
libxmltok	removed			package
libxmltok	ignored		bookworm	package
firefox	fixed	48.0-1		package
firefox-esr	not-affected			package

Примечания

https://www.mozilla.org/en-US/security/advisories/mfsa2016-68/
Firefox links dynamically against expat

EPSS

Процентиль: 80%

0.01504

Низкий

Связанные уязвимости

CVE-2016-0718

CVSS3: 9.8

ubuntu

около 9 лет назад

Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.

CVE-2016-0718

redhat

около 9 лет назад

Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.

CVE-2016-0718

CVSS3: 9.8

nvd

около 9 лет назад

Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.

GHSA-3f8j-8ww3-q7v6

CVSS3: 9.8

github

около 3 лет назад

Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.

ELSA-2016-2824

oracle-oval

больше 8 лет назад

ELSA-2016-2824: expat security update (MODERATE)

EPSS

Процентиль: 80%

0.01504

Низкий