High severity7.5NVD Advisory· Published Jun 13, 2016· Updated May 6, 2026

CVE-2016-4478

Description

Buffer overflow in the xmlrpc_char_encode function in modules/transport/xmlrpc/xmlrpclib.c in Atheme before 7.2.7 allows remote attackers to cause a denial of service via vectors related to XMLRPC response encoding.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.opensuse.org/opensuse-updates/2016-05/msg00061.htmlnvd
www.debian.org/security/2016/dsa-3586nvd
www.openwall.com/lists/oss-security/2016/05/02/2nvd
www.openwall.com/lists/oss-security/2016/05/03/1nvd
github.com/atheme/atheme/commit/87580d767868360d2fed503980129504da84b63envd

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000