Описание
internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.
A flaw was found in the way the Xerces-C XML parser processed certain XML documents. A remote attacker could provide specially crafted XML input that, when parsed by an application using Xerces-C, would cause that application to crash.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | xerces-c | Will not fix | ||
| Red Hat Enterprise MRG 2 | xerces-c | Will not fix | ||
| Red Hat Enterprise MRG 3 | xerces-c | Will not fix | ||
| Red Hat OpenShift Enterprise 2 | xerces-c | Will not fix | ||
| Red Hat Enterprise Linux 7 | xerces-c | Fixed | RHSA-2015:1193 | 29.06.2015 |
Показывать по
Дополнительная информация
Статус:
EPSS
5 Medium
CVSS2
Связанные уязвимости
internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.
internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.
internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote a ...
internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.
EPSS
5 Medium
CVSS2