QwikSec

Security Database

CVE

CWE

Training

CVE-2011-2516

Published: Jul 11, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_DEBIAN

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

20110707 Security Advisory: CVE-2011-2516

mailing-list

x_refsource_BUGTRAQ

apache-xml-dos(68420)

vdb-entry

x_refsource_XF

https://issues.apache.org/jira/browse/SANTUARIO-271

x_refsource_CONFIRM

http://santuario.apache.org/secadv/CVE-2011-2516.txt

x_refsource_CONFIRM

FEDORA-2011-9501

vendor-advisory

x_refsource_FEDORA

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

http://shibboleth.internet2.edu/secadv/secadv_20110706.txt

x_refsource_CONFIRM

vdb-entry

x_refsource_SECTRACK

FEDORA-2011-9494

vendor-advisory

x_refsource_FEDORA

vdb-entry

x_refsource_BID

[santuario-commits] 20190823 svn commit: r1049214 - in /websites/production/santuario/content: cache/main.pageCache download.html index.html javaindex.html javareleasenotes.html secadv.data/CVE-2019-12400.asc secadv.html

mailing-list

x_refsource_MLIST

[santuario-commits] 20210917 svn commit: r1076843 - in /websites/production/santuario/content: cache/main.pageCache index.html javaindex.html secadv.data/CVE-2021-40690.txt.asc secadv.html

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2011-2516 - Security Vulnerability | QwikSec