Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2015:0597-1

Опубликовано: 09 мар. 2015
Источник: suse-cvrf

Описание

Security update for Xerces-C

The Xerces-C XML parsing library was updated to fix mishandling certain kinds of malformed input documents, that could have resulted in a segmentation faults during a parse operation, leading to denial of service or potential code execution. (bnc#920810,CVE-2015-0252)

Список пакетов

SUSE Linux Enterprise Desktop 12
libxerces-c-3_1-3.1.1-4.1
libxerces-c-3_1-32bit-3.1.1-4.1
SUSE Linux Enterprise Workstation Extension 12
libxerces-c-3_1-3.1.1-4.1
libxerces-c-3_1-32bit-3.1.1-4.1

Описание

internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.


Затронутые продукты
SUSE Linux Enterprise Desktop 12:libxerces-c-3_1-3.1.1-4.1
SUSE Linux Enterprise Desktop 12:libxerces-c-3_1-32bit-3.1.1-4.1
SUSE Linux Enterprise Workstation Extension 12:libxerces-c-3_1-3.1.1-4.1
SUSE Linux Enterprise Workstation Extension 12:libxerces-c-3_1-32bit-3.1.1-4.1

Ссылки
Уязвимость SUSE-SU-2015:0597-1