VYPR

rpm package

suse/xerces-c&distro=SUSE Linux Enterprise Software Development Kit 12 SP1

pkg:rpm/suse/xerces-c&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1

Vulnerabilities (3)

  • CVE-2016-4463HigJul 8, 2016
    affected < 3.1.1-12.3fixed 3.1.1-12.3

    Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD.

  • CVE-2016-2099CriMay 13, 2016
    affected < 3.1.1-12.3fixed 3.1.1-12.3

    Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document.

  • CVE-2016-0729CriApr 7, 2016
    affected < 3.1.1-7.1fixed 3.1.1-7.1

    Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitr