Lucene search
K

7 matches found

NVD
NVD
added 2013/08/20 10:55 p.m.17 views

CVE-2013-2156

Heap-based buffer overflow in the Exclusive Canonicalization functionality xsec/canon/XSECC14n20010315.cpp in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted PrefixLi...

7.5CVSS7.9AI score0.08402EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2013/08/20 10:55 p.m.31 views

CVE-2013-2156

Heap-based buffer overflow in the Exclusive Canonicalization functionality xsec/canon/XSECC14n20010315.cpp in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted PrefixLi...

7.5CVSS6.4AI score0.08402EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2013/08/20 10:0 p.m.35 views

CVE-2013-2156

Heap-based buffer overflow in the Exclusive Canonicalization functionality xsec/canon/XSECC14n20010315.cpp in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted PrefixLi...

7.5CVSS7.3AI score0.08402EPSS
Exploits0
Mageia
Mageia
added 2013/07/01 7:12 p.m.64 views

Updated xml-security-c package fixes multiple security vulnerabilities

The implementation of XML digital signatures in the Santuario-C++ library is vulnerable to a spoofing issue allowing an attacker to reuse existing signatures with arbitrary content CVE-2013-2153. A stack overflow, possibly leading to arbitrary code execution, exists in the processing of malformed...

7.5CVSS2.3AI score0.08402EPSS
Exploits2References3
Debian
Debian
added 2013/06/18 3:44 p.m.30 views

[SECURITY] [DSA 2710-1] xml-security-c security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2710-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso June 18, 2013 http://www.debian.org/security/faq -...

7.5CVSS6.9AI score0.08402EPSS
Exploits2
OpenVAS
OpenVAS
added 2013/06/18 12:0 a.m.31 views

Debian Security Advisory DSA 2710-1 (xml-security-c - several vulnerabilities)

James Forshaw from Context Information Security discovered several vulnerabilities in xml-security-c, an implementation of the XML Digital Security specification. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-2153 The implementation of XML digital...

7.5CVSS0.1AI score0.08402EPSS
Exploits2References1
FreeBSD
FreeBSD
added 2013/06/18 12:0 a.m.27 views

apache-xml-security-c -- heap overflow

The Apache Software Foundation reports: A heap overflow exists in the processing of the PrefixList attribute optionally used in conjunction with Exclusive Canonicalization, potentially allowing arbitary code execution. If verification of the signature occurs prior to actual evaluation of a signin...

7.5CVSS6.9AI score0.08402EPSS
Exploits0References1
Rows per page
Query Builder