Lucene search
K

6 matches found

OSV
OSV
added 2013/08/20 10:55 p.m.2 views

DEBIAN-CVE-2013-2156

Heap-based buffer overflow in the Exclusive Canonicalization functionality xsec/canon/XSECC14n20010315.cpp in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted PrefixLi...

7.5CVSS8.2AI score0.08402EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2013/08/20 10:0 p.m.35 views

CVE-2013-2156

Heap-based buffer overflow in the Exclusive Canonicalization functionality xsec/canon/XSECC14n20010315.cpp in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted PrefixLi...

7.5CVSS7.3AI score0.08402EPSS
Exploits0
securityvulns
securityvulns
added 2013/07/01 12:0 a.m.62 views

Re: CVE-2013-2156: Apache Santuario C++ heap overflow vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2013-2156: Apache Santuario XML Security for C++ contains heap overflow while processing InclusiveNamespace PrefixList Severity: Critical Vendor: The Apache Software Foundation Versions Affected: Apache Santuario XML Security for C++ library...

7.5CVSS0.8AI score0.08402EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/06/19 12:0 a.m.38 views

FreeBSD : apache-xml-security-c -- heap overflow (279e5f4b-d823-11e2-928e-08002798f6ff)

The Apache Software Foundation reports : A heap overflow exists in the processing of the PrefixList attribute optionally used in conjunction with Exclusive Canonicalization, potentially allowing arbitary code execution. If verification of the signature occurs prior to actual evaluation of a signi...

7.5CVSS5.4AI score0.08402EPSS
Exploits0References3
OSV
OSV
added 2013/06/18 12:0 a.m.37 views

DSA-2710-1 xml-security-c - several

Bulletin has no description...

7.5CVSS5.9AI score0.08402EPSS
Exploits2
OpenVAS
OpenVAS
added 2013/06/17 12:0 a.m.18 views

Debian: Security Advisory (DSA-2710-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.08402EPSS
Exploits2References3
Rows per page
Query Builder