Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-2154HistoryAug 20, 2013 - 10:55 p.m.
CVE-2013-2154
2013-08-2022:55:00
Debian Security Bug Tracker
security-tracker.debian.org
8
0.01 Low
EPSS
Percentile
83.7%
Stack-based buffer overflow in the XML Signature Reference functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed XPointer expressions, probably related to the DSIGReference::getURIBaseTXFM function.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | xml-security-c | < 1.6.1-6 | xml-security-c_1.6.1-6_all.deb |
| Debian | 11 | all | xml-security-c | < 1.6.1-6 | xml-security-c_1.6.1-6_all.deb |
| Debian | 10 | all | xml-security-c | < 1.6.1-6 | xml-security-c_1.6.1-6_all.deb |
| Debian | 999 | all | xml-security-c | < 1.6.1-6 | xml-security-c_1.6.1-6_all.deb |
| Debian | 13 | all | xml-security-c | < 1.6.1-6 | xml-security-c_1.6.1-6_all.deb |
Related
prion
prion
Stack overflow
2013-08-20 22:55:00
Heap overflow
2013-08-20 22:55:00
securityvulns
securityvulns
CVE-2013-2154: Apache Santuario C++ stack overflow vulnerability
2013-07-01 00:00:00
CVE-2013-2210
2013-07-01 00:00:00
[SECURITY] [DSA 2717-1] xml-security-c security update
2013-07-01 00:00:00
cvelist
cvelist
CVE-2013-2154
2013-08-20 22:00:00
CVE-2013-2210
2013-08-20 22:00:00
osv
osv
xml-security-c - heap overflow
2013-06-28 00:00:00
xml-security-c - several
2013-06-18 00:00:00
cve
cve
CVE-2013-2154
2013-08-20 22:55:00
CVE-2013-2210
2013-08-20 22:55:00
debian
debian
[SECURITY] [DSA 2717-1] xml-security-c security update
2013-06-28 15:17:18
[SECURITY] [DSA 2717-1] xml-security-c security update
2013-06-28 15:17:37
[SECURITY] [DSA 2710-1] xml-security-c security update
2013-06-18 15:44:43
openvas
openvas
Debian: Security Advisory (DSA-2717-1)
2013-06-27 00:00:00
Debian Security Advisory DSA 2717-1 (xml-security-c - heap overflow)
2013-06-28 00:00:00
freebsd
freebsd
apache-xml-security-c -- heap overflow during XPointer evaluation
2013-06-27 00:00:00
ubuntucve
ubuntucve
CVE-2013-2210
2013-08-20 00:00:00
CVE-2013-2154
2013-08-20 00:00:00
debiancve
debiancve
CVE-2013-2210
2013-08-20 22:55:00
nessus
nessus
Debian DSA-2717-1 : xml-security-c - heap overflow
2013-06-29 00:00:00
FreeBSD : apache-xml-security-c -- heap overflow during XPointer evaluation (81da673e-dfe1-11e2-9389-08002798f6ff)
2013-06-29 00:00:00
Debian DSA-2710-1 : xml-security-c - several vulnerabilities
2013-06-19 00:00:00
seebug
seebug
Apache Santuario XML Security for C++ 堆缓冲区溢出漏洞
2013-06-28 00:00:00
mageia
mageia
Updated xml-security-c package fixes multiple security vulnerabilities
2013-07-01 23:12:07