rpm package
suse/xerces-c&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1
pkg:rpm/suse/xerces-c&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-4463 | Hig | 7.5 | < 3.1.1-12.3 | 3.1.1-12.3 | Jul 8, 2016 | Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD. | |
| CVE-2016-2099 | Cri | 9.8 | < 3.1.1-12.3 | 3.1.1-12.3 | May 13, 2016 | Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document. | |
| CVE-2016-0729 | Cri | 9.8 | < 3.1.1-7.1 | 3.1.1-7.1 | Apr 7, 2016 | Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitr |
- affected < 3.1.1-12.3fixed 3.1.1-12.3
Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD.
- affected < 3.1.1-12.3fixed 3.1.1-12.3
Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document.
- affected < 3.1.1-7.1fixed 3.1.1-7.1
Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitr