PT-2016-5016 · Apache+3 · Apache Xerces-C+3

Gustavo Grieco

Publicado

2016-05-13

Atualizado

2024-06-15

CVE-2016-2099

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Apache Xerces C++ versions 3.1.3 and earlier

Description A use-after-free issue exists in the validators/DTD/DTDScanner.cpp component, allowing context-dependent attackers to have an unspecified impact by including an invalid character in an XML document.

Recommendations For Apache Xerces C++ versions 3.1.3 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

ALT-PU-2016-1794

CVE-2016-2099

DLA-467-1

DSA-3579-1

MGASA-2016-0189

OPENSUSE-SU-2024:10039-1

SUSE-SU-2016:2154-1

SUSE-SU-2016_2154-1

USN-4784-1

Produtos afetados

Alt Linux

Apache Xerces-C

Suse

Ubuntu

PT-2016-5016 · Apache+3 · Apache Xerces-C+3

CVE-2016-2099

Identificadores relacionados

Produtos afetados

Referências · 34