NewStart CGSL CORE 5.04 / MAIN 5.04 : xerces-c Vulnerability (NS-SA-2019-0072)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has xerces-c packages installed that are affected by a vulnerability: - A stack exhaustion flaw was found in the way Xerces-C XML parser handled deeply nested DTDs. An attacker could potentially use this flaw to crash an...

Apache xerces-c stack buffer overflow vulnerability

Apache Xerces is an XML syntax parser from the Apache Software Foundation in the U.S. Apache Xerces-C is its language version. A stack buffer overflow vulnerability exists in xerces-c because the program fails to properly parse deeply nested DTDs, which can be exploited by a remote attacker to...