CVE-2016-0729

Name of the Vulnerable Software and Affected Versions Apache Xerces-C versions prior to 3.1.3

Description The issue is related to multiple buffer overflows in the XML Parser library, specifically in the internal/XMLReader.cpp, util/XMLURL.cpp, and util/XMLUri.cpp files. This can be exploited by remote attackers using a crafted document, potentially leading to a denial of service, such as a segmentation fault or memory corruption, or possibly allowing the execution of arbitrary code.

Recommendations For Apache Xerces-C versions prior to 3.1.3, update to version 3.1.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of the XML Parser library until a patch is applied. Avoid processing crafted documents from untrusted sources to minimize the risk of exploitation.