8 matches found
USN-6579-2 xerces-c vulnerability
USN-6579-1 fixed a vulnerability in Xerces-C++. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04 and Ubuntu 23.10. Original advisory details: It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML...
PT-2023-6251 · Apache +6 · Xerces-C++ +6
Name of the Vulnerable Software and Affected Versions: xerces-c++ version 3.2.3 Description: The issue is caused by an integer overflow in xerces-c++ that allows remote attackers to cause out-of-bound access via an HTTP request. This can potentially allow a remote attacker to execute arbitrary co...
SUSE CVE-2008-4482
The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service stack consumption and crash via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file...
SUSE CVE-2016-4463
Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD...
DEBIAN-CVE-2016-4463
Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD...
Xerces-C++ XML Parsing Remote Denial of Service Vulnerability
Xerces is promoted by the Apache organization of an XML document parsing open source project . A vulnerability in the processing of XML data in internal/XMLReader.cpp in Apache Xerces-C allows remote attackers to conduct denial-of-service attacks...
DEBIAN-CVE-2009-1885
Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service application crash via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrat...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS. The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service CPU consumption via XML attributes in a crafted XML document. Remediation There is no fixed version for xerces-c. References ...