CVE-2011-2516

Name of the Vulnerable Software and Affected Versions Apache XML Security for C++ version 1.6.0 Shibboleth versions prior to 2.4.3

Description The issue is caused by an off-by-one error in the XML signature feature, which can be exploited by remote attackers to cause a denial of service (crash) via a signature using a large RSA key. This triggers a buffer overflow.

Recommendations For Apache XML Security for C++ version 1.6.0, update to a version that fixes the off-by-one error in the XML signature feature. For Shibboleth versions prior to 2.4.3, update to version 2.4.3 or later to resolve the issue.