CVE-2015-1283

🗓️ 23 Jul 2015 00:00:00Reported by ChromeType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 330 Views

Multiple integer overflows in XML_GetBuffer function in Expat through 2.1.0, causing denial of servic

Reporter	Title	Published	Views	Family All 206
IBM Security Bulletins	Security Bulletin: Denial of service may affect IBM HTTP Server (CVE-2015-1283)	8 Sep 202200:09	–	ibm
IBM Security Bulletins	IBM Security Network Protection / IBM QRadar Network Security / XGS Technote Index	31 Jan 202100:10	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Expat component shipped with IBM Rational ClearCase (CVE-2016-0718, CVE-2015-1283, CVE-2016-4472, CVE-2015-2716)	10 Jul 201808:34	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM Tivoli Monitoring shipped with IBM Cloud Orchestrator Enterprise (CVE-2015-1829, CVE-2015-3183, CVE-2015-1283, CVE-2015-4947, CVE-2015-2808)	17 Jun 201822:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple expat vulnerabilities	18 Jun 201801:32	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2015-1283)	17 Jun 201815:10	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearQuest (CVE-2015-1283, CVE-2015-4947, CVE-2015-3183)	29 Sep 201818:04	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with Intelligent Operations Center and related products (CVE-2015-1283)	19 Aug 202221:04	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities that have been identified in IBM HTTP Server shipped with WebSphere Application Server may affect WebSphere Process Server	15 Sep 202218:50	–	ibm
IBM Security Bulletins	Security Bulletin: Two security vulnerabilities have been identified in IBM HTTP Server shipped with IBM eDiscovery Manager (CVE-2015-1283, CVE-2015-3183)	17 Jun 201812:12	–	ibm

NVD

Node

google chromeRange≤43.0.2357.134

Node

libexpat_project libexpatRange≤2.1.0

Node

python pythonRange2.7.0–2.7.12

python pythonRange3.3.0–3.3.7

python pythonRange3.4.0–3.4.5

python pythonRange3.5.0–3.5.2

Node

debian debian_linuxMatch7.0

debian debian_linuxMatch8.0

debian debian_linuxMatch9.0

Node

canonical ubuntu_linuxMatch12.04-

canonical ubuntu_linuxMatch14.04esm

canonical ubuntu_linuxMatch15.04

Node

suse linux_enterprise_debuginfoMatch11sp4

suse studio_onsiteMatch1.3

opensuse leapMatch42.1

opensuse opensuseMatch13.1

opensuse opensuseMatch13.2

suse linux_enterprise_desktopMatch12-

suse linux_enterprise_desktopMatch12sp1

suse linux_enterprise_serverMatch11sp4

suse linux_enterprise_serverMatch12-

suse linux_enterprise_serverMatch12sp1

suse linux_enterprise_software_development_kitMatch11sp4

suse linux_enterprise_software_development_kitMatch12-

suse linux_enterprise_software_development_kitMatch12sp1

Node

oracle solarisMatch10

oracle solarisMatch11.3

Source	Link
lists	www.lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html
googlechromereleases	www.googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
oracle	www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
lists	www.lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html
security	www.security.gentoo.org/glsa/201701-21
lists	www.lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html
code	www.code.google.com/p/chromium/issues/detail
securityfocus	www.securityfocus.com/bid/75973
kc	www.kc.mcafee.com/corporate/index
ubuntu	www.ubuntu.com/usn/USN-2726-1

06 May 2026 22:30Current

8.4High risk

Vulners AI Score8.4

CVSS 26.8

EPSS0.00521

CWE-190