CVE-2013-2156

Name of the Vulnerable Software and Affected Versions Apache Santuario XML Security for C++ versions prior to 1.7.1

Description The issue is related to a heap-based buffer overflow in the Exclusive Canonicalization functionality. This can be exploited by remote attackers using a crafted PrefixList attribute, potentially leading to a denial of service or arbitrary code execution.

Recommendations For versions prior to 1.7.1, update to version 1.7.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the Exclusive Canonicalization functionality until a patch is applied.