Lucene search
RootSSV:60860HistoryJun 28, 2013 - 12:00 a.m.
Apache Santuario XML Security for C++ 堆缓冲区溢出漏洞
2013-06-2800:00:00
Root
www.seebug.org
14
0.01 Low
EPSS
Percentile
82.0%
BUGTRAQ ID: 60817
CVE(CAN) ID: CVE-2013-2210
Apache Santuario是实现XML的主要安全标准。
Apache Santuario XML Security for C++ 1.7.2之前版本在XPointer求值中存在堆缓冲区溢出漏洞,成功利用后可允许远程攻击者在受影响应用上下文中执行任意代码。此漏洞是在CVE-2013-2154修复中引入的,源于XML签名引用处理代码中的畸形XPointer表达式处理。
0
Apache Group XML Security for C++ 1.6.1
Apache Group XML Security for C++ 1.6
厂商补丁:
Apache Group
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://svn.apache.org/viewvc?view=revision&revision=r1496703
Related
debian
debian
[SECURITY] [DSA 2717-1] xml-security-c security update
2013-06-28 15:17:18
[SECURITY] [DSA 2717-1] xml-security-c security update
2013-06-28 15:17:37
[SECURITY] [DSA 2710-1] xml-security-c security update
2013-06-18 15:44:43
securityvulns
securityvulns
CVE-2013-2210
2013-07-01 00:00:00
[SECURITY] [DSA 2717-1] xml-security-c security update
2013-07-01 00:00:00
xml-security-c security vulnerabilities
2013-07-01 00:00:00
freebsd
freebsd
apache-xml-security-c -- heap overflow during XPointer evaluation
2013-06-27 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2717-1)
2013-06-27 00:00:00
Debian Security Advisory DSA 2717-1 (xml-security-c - heap overflow)
2013-06-28 00:00:00
Mageia: Security Advisory (MGASA-2013-0193)
2022-01-28 00:00:00
prion
prion
Heap overflow
2013-08-20 22:55:00
Stack overflow
2013-08-20 22:55:00
nessus
nessus
cvelist
cvelist
CVE-2013-2210
2013-08-20 22:00:00
CVE-2013-2154
2013-08-20 22:00:00
ubuntucve
ubuntucve
CVE-2013-2154
2013-08-20 00:00:00
CVE-2013-2210
2013-08-20 00:00:00
debiancve
debiancve
CVE-2013-2210
2013-08-20 22:55:00
CVE-2013-2154
2013-08-20 22:55:00
cve
cve
CVE-2013-2210
2013-08-20 22:55:00
CVE-2013-2154
2013-08-20 22:55:00
osv
osv
xml-security-c - heap overflow
2013-06-28 00:00:00
xml-security-c - several
2013-06-18 00:00:00
mageia
mageia
Updated xml-security-c package fixes multiple security vulnerabilities
2013-07-01 23:12:07