Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD.
References
Configurations
History
12 Feb 2023, 23:21
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD. |
02 Feb 2023, 16:17
Type | Values Removed | Values Added |
---|---|---|
Summary | A stack exhaustion flaw was found in the way Xerces-C XML parser handled deeply nested DTDs. An attacker could potentially use this flaw to crash an application using Xerces-C by tricking it into processing specially crafted data. | |
References |
|
Information
Published : 2016-07-08 19:59
Updated : 2023-12-10 11:46
NVD link : CVE-2016-4463
Mitre link : CVE-2016-4463
CVE.ORG link : CVE-2016-4463
JSON object : View
Products Affected
apache
- xerces-c\+\+
debian
- debian_linux
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer