8 matches found
CVE-2013-2210
Heap-based buffer overflow in the XML Signature Reference functionality in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.2 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via malformed XPointer expressions. NOTE: this...
DEBIAN-CVE-2013-2210
Heap-based buffer overflow in the XML Signature Reference functionality in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.2 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via malformed XPointer expressions. NOTE: this...
CVE-2013-2210
Heap-based buffer overflow in the XML Signature Reference functionality in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.2 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via malformed XPointer expressions. NOTE: this...
CVE-2013-2210
CVE-2013-2210: Heap-based buffer overflow in the XML Signature Reference functionality of Apache Santuario XML Security for C++ (xml-security-c) prior to 1.7.2. Causes DoS (crash) and potentially arbitrary code execution via malformed XPointer expressions, stemming from an incorrect fix for CVE-2...
CVE-2013-2210
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2013-2210: Apache Santuario XML Security for C++ contains a heap overflow during XPointer evaluation Severity: Critical Vendor: The Apache Software Foundation Versions Affected: Apache Santuario XML Security for C++ library versions prior to...
[SECURITY] [DSA 2717-1] xml-security-c security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2717-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso June 28, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2717-1] xml-security-c security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2717-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso June 28, 2013 http://www.debian.org/security/faq -...
Apache Santuario XML Security for C++ 堆缓冲区溢出漏洞
BUGTRAQ ID: 60817 CVECAN ID: CVE-2013-2210 Apache Santuario是实现XML的主要安全标准。 Apache Santuario XML Security for C++ 1.7.2之前版本在XPointer求值中存在堆缓冲区溢出漏洞,成功利用后可允许远程攻击者在受影响应用上下文中执行任意代码。此漏洞是在CVE-2013-2154修复中引入的,源于XML签名引用处理代码中的畸形XPointer表达式处理。 0 Apache Group XML Security for C++ 1.6.1 Apache Group XML Securit...