QwikSec

Security Database

CVE

CWE

Training

CVE-2016-0729

Published: Apr 7, 2016

Modified: Aug 5, 2024

PUBLISHED

Description

Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitrary code via a crafted document.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

FEDORA-2016-880b91c090

vendor-advisory

x_refsource_FEDORA

http://packetstormsecurity.com/files/135949/Apache-Xerces-C-XML-Parser-Buffer-Overflow.html

x_refsource_MISC

vdb-entry

x_refsource_SECTRACK

vdb-entry

x_refsource_BID

http://xerces.apache.org/xerces-c/secadv/CVE-2016-0729.txt

x_refsource_CONFIRM

http://svn.apache.org/viewvc?view=revision&revision=1727978

x_refsource_CONFIRM

FEDORA-2016-ae9ac16cf3

vendor-advisory

x_refsource_FEDORA

openSUSE-SU-2016:1121

vendor-advisory

x_refsource_SUSE

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

x_refsource_CONFIRM

20160225 CVE-2016-0729: Apache Xerces-C XML Parser Crashes on Malformed Input

mailing-list

x_refsource_BUGTRAQ

vendor-advisory

x_refsource_GENTOO

openSUSE-SU-2016:0966

vendor-advisory

x_refsource_SUSE

https://issues.apache.org/jira/browse/XERCESC-2061

x_refsource_CONFIRM

FEDORA-2016-9ff972ca42

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_DEBIAN

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

x_refsource_CONFIRM

openSUSE-SU-2016:1808

vendor-advisory

x_refsource_SUSE

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.