5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
AI Score
Confidence
High
0.009 Low
EPSS
Percentile
82.9%
Package : xmltooling
Version : 1.3.3-2+deb6u1
CVE ID : CVE-2015-0851
Debian Bug : 793855
Shibboleth SP software crashes on well-formed but invalid XML
Another upload for opensaml2 is needed to really solve this
issue. This will be done shortly.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 8 | ppc64el | libxmltooling-dev | <ย 1.5.3-2+deb8u1 | libxmltooling-dev_1.5.3-2+deb8u1_ppc64el.deb |
Debian | 6 | all | xmltooling-schemas | <ย 1.3.3-2+deb6u1 | xmltooling-schemas_1.3.3-2+deb6u1_all.deb |
Debian | 7 | ia64 | libxmltooling5 | <ย 1.4.2-5+deb7u1 | libxmltooling5_1.4.2-5+deb7u1_ia64.deb |
Debian | 8 | kfreebsd-amd64 | libxmltooling-dev | <ย 1.5.3-2+deb8u1 | libxmltooling-dev_1.5.3-2+deb8u1_kfreebsd-amd64.deb |
Debian | 8 | all | xmltooling-schemas | <ย 1.5.3-2+deb8u1 | xmltooling-schemas_1.5.3-2+deb8u1_all.deb |
Debian | 7 | armel | libxmltooling-dev | <ย 1.4.2-5+deb7u1 | libxmltooling-dev_1.4.2-5+deb7u1_armel.deb |
Debian | 6 | all | libxmltooling-doc | <ย 1.3.3-2+deb6u1 | libxmltooling-doc_1.3.3-2+deb6u1_all.deb |
Debian | 7 | amd64 | libxmltooling5 | <ย 1.4.2-5+deb7u1 | libxmltooling5_1.4.2-5+deb7u1_amd64.deb |
Debian | 8 | arm64 | libxmltooling-dev | <ย 1.5.3-2+deb8u1 | libxmltooling-dev_1.5.3-2+deb8u1_arm64.deb |
Debian | 7 | all | xmltooling | <ย 1.4.2-5+deb7u1 | xmltooling_1.4.2-5+deb7u1_all.deb |