Lucene search
K

13 matches found

NVD
NVD
added 2013/08/20 10:55 p.m.18 views

CVE-2013-2210

Heap-based buffer overflow in the XML Signature Reference functionality in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.2 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via malformed XPointer expressions. NOTE: this...

7.5CVSS7.8AI score0.06018EPSS
Exploits1References6
NVD
NVD
added 2013/08/20 10:55 p.m.22 views

CVE-2013-2154

Stack-based buffer overflow in the XML Signature Reference functionality xsec/dsig/DSIGReference.cpp in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.1 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via malformed...

7.5CVSS7.8AI score0.08031EPSS
Exploits1References7
OSV
OSV
added 2013/08/20 10:55 p.m.5 views

CVE-2013-2154

Stack-based buffer overflow in the XML Signature Reference functionality xsec/dsig/DSIGReference.cpp in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.1 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via malformed...

7.5CVSS7.8AI score0.08031EPSS
Exploits1References7
Prion
Prion
added 2013/08/20 10:55 p.m.19 views

Heap overflow

Heap-based buffer overflow in the XML Signature Reference functionality in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.2 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via malformed XPointer expressions. NOTE: this...

7.5CVSS8.2AI score0.08031EPSS
Exploits1References6Affected Software1
Debian CVE
Debian CVE
added 2013/08/20 10:0 p.m.24 views

CVE-2013-2154

Stack-based buffer overflow in the XML Signature Reference functionality xsec/dsig/DSIGReference.cpp in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.1 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via malformed...

7.5CVSS6.5AI score0.08031EPSS
Exploits1
CVE
CVE
added 2013/08/20 10:0 p.m.80 views

CVE-2013-2154

The CVE-2013-2154 entry affects Apache Santuario XML Security for C++ (xml-security-c) before 1.7.1, with a stack-based buffer overflow in DSIGReference::getURIBaseTXFM potentially allowing denial of service and, in some cases, arbitrary code execution via malformed XPointer expressions. Related ...

7.5CVSS7.8AI score0.08031EPSS
Exploits1References7Affected Software1
securityvulns
securityvulns
added 2013/07/01 12:0 a.m.56 views

CVE-2013-2154: Apache Santuario C++ stack overflow vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2013-2154: Apache Santuario XML Security for C++ contains a stack overflow during XPointer evaluation Severity: Critical Vendor: The Apache Software Foundation Versions Affected: Apache Santuario XML Security for C++ library versions prior to...

7.5CVSS0.6AI score0.08031EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2013/06/29 12:0 a.m.29 views

Debian DSA-2717-1 : xml-security-c - heap overflow

Jon Erickson of iSIGHT Partners Labs discovered a heap overflow in xml-security-c, an implementation of the XML Digital Security specification. The fix to address CVE-2013-2154 introduced the possibility of a heap overflow in the processing of malformed XPointer expressions in the XML Signature...

7.5CVSS5.9AI score0.08031EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2013/06/28 12:0 a.m.27 views

Debian Security Advisory DSA 2717-1 (xml-security-c - heap overflow)

Jon Erickson of iSIGHT Partners Labs discovered a heap overflow in xml-security-c, an implementation of the XML Digital Security specification. The fix to address CVE-2013-2154 introduced the possibility of a heap overflow in the processing of malformed XPointer expressions in the XML Signature...

7.5CVSS0.08031EPSS
Exploits1References1
OSV
OSV
added 2013/06/28 12:0 a.m.30 views

DSA-2717-1 xml-security-c - heap overflow

Bulletin has no description...

7.5CVSS6AI score0.06018EPSS
Exploits1
FreeBSD
FreeBSD
added 2013/06/27 12:0 a.m.28 views

apache-xml-security-c -- heap overflow during XPointer evaluation

The Apache Software Foundation reports: The attempted fix to address CVE-2013-2154 introduced the possibility of a heap overflow, possibly leading to arbitrary code execution, in the processing of malformed XPointer expressions in the XML Signature Reference processing code...

7.5CVSS6.7AI score0.06018EPSS
Exploits1References1
OSV
OSV
added 2013/06/18 12:0 a.m.36 views

DSA-2710-1 xml-security-c - several

Bulletin has no description...

7.5CVSS5.9AI score0.08402EPSS
Exploits2
OpenVAS
OpenVAS
added 2013/06/17 12:0 a.m.18 views

Debian: Security Advisory (DSA-2710-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.08402EPSS
Exploits2References3
Rows per page
Query Builder