Lucene search
F5F5:K70191975HistorySep 15, 2016 - 12:00 a.m.
K70191975 : Apache Xerces vulnerability CVE-2016-4463
2016-09-1500:00:00
my.f5.com
20
Security Advisory Description
Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD. (CVE-2016-4463)
Impact
An attacker requires privileged access to a dynamically generated XML file to exploit one of the affected components of the BIG-IP APM system. Additionally, an attacker must have access to a privileged user in order to download a malformed XML file on the system to trigger the exploit.
| CPE | Name | Operator | Version |
|---|---|---|---|
| big-ip afm | eq | 11.4.0 | |
| big-ip afm | eq | 11.4.1 | |
| big-ip afm | eq | 11.5.0 | |
| big-ip afm | eq | 11.5.1 | |
| big-ip afm | eq | 11.5.2 | |
| big-ip afm | eq | 11.5.3 | |
| big-ip afm | eq | 11.5.4 | |
| big-ip afm | eq | 11.6.0 | |
| big-ip afm | eq | 11.6.1 | |
| big-ip afm | eq | 12.0.0 |
Related
nessus
nessus
Debian DSA-3610-1 : xerces-c - security update
2016-06-30 00:00:00
RHEL 7 : xerces-c (RHSA-2018:3335)
2018-10-31 00:00:00
Scientific Linux Security Update : xerces-c on SL7.x x86_64 (20181030)
2018-11-27 00:00:00
openvas
openvas
F5 BIG-IP - Apache Xerces vulnerability CVE-2016-4463
2016-09-22 00:00:00
Debian: Security Advisory (DSA-3610-1)
2016-06-28 00:00:00
Debian Security Advisory DSA 3610-1 (xerces-c - security update)
2016-06-29 00:00:00
centos
centos
xerces security update
2018-11-15 18:53:50
amazon
amazon
Medium: xerces-c
2018-12-06 20:30:00
ubuntucve
ubuntucve
CVE-2016-4463
2016-07-08 00:00:00
osv
osv
xerces-c - security update
2016-06-29 00:00:00
xerces-c vulnerabilities
2021-03-15 21:00:57
prion
prion
Stack overflow
2016-07-08 19:59:00
debian
debian
[SECURITY] [DSA 3610-1] xerces-c security update
2016-06-29 20:19:01
[SECURITY] [DLA 535-1] xerces-c security update
2016-06-29 20:27:56
[SECURITY] [DSA 3610-1] xerces-c security update
2016-06-29 20:19:01
ibm
ibm
cve
cve
CVE-2016-4463
2016-07-08 19:59:01
debiancve
debiancve
CVE-2016-4463
2016-07-08 19:59:01
redhat
redhat
(RHSA-2018:3514) Moderate: xerces-c security update
2018-11-06 15:43:00
(RHSA-2018:3506) Moderate: xerces-c security update
2018-11-06 14:46:34
(RHSA-2018:3335) Moderate: xerces-c security update
2018-10-30 04:44:38
oraclelinux
oraclelinux
xerces-c security update
2018-11-05 00:00:00
nvd
nvd
CVE-2016-4463
2016-07-08 19:59:01
archlinux
archlinux
xerces-c: denial of service
2016-07-05 00:00:00
f5
f5
SOL70191975 - Apache Xerces vulnerability CVE-2016-4463
2016-09-15 00:00:00
redhatcve
redhatcve
CVE-2016-4463
2016-06-30 08:19:16
cvelist
cvelist
CVE-2016-4463
2016-07-08 19:00:00
freebsd
freebsd
xercesi-c3 -- multiple vulnerabilities
2016-05-09 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: xerces-c27-2.7.0-28.fc29
2019-02-13 02:48:11
[SECURITY] Fedora 23 Update: xerces-c-3.1.4-1.fc23
2016-07-06 05:56:02
[SECURITY] Fedora 22 Update: xerces-c-3.1.4-1.fc22
2016-07-06 05:52:27
ubuntu
ubuntu
Xerces-C++ vulnerabilities
2021-03-15 00:00:00
oracle
oracle
CPU July 2018
2018-07-17 00:00:00
Oracle Critical Patch Update Advisory - April 2020
2020-04-14 00:00:00