Lucene search
FreeBSD279E5F4B-D823-11E2-928E-08002798F6FFHistoryJun 18, 2013 - 12:00 a.m.
apache-xml-security-c -- heap overflow
2013-06-1800:00:00
vuxml.freebsd.org
15
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.051
Percentile
93.0%
The Apache Software Foundation reports:
A heap overflow exists in the processing of the PrefixList
attribute optionally used in conjunction with Exclusive
Canonicalization, potentially allowing arbitary code execution.
If verification of the signature occurs prior to actual evaluation of a
signing key, this could be exploited by an unauthenticated attacker.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | apache-xml-security-c | < 1.7.1 | UNKNOWN |
Related
cve
cve
CVE-2013-2156
2013-08-20 22:55:03
securityvulns
securityvulns
Re: CVE-2013-2156: Apache Santuario C++ heap overflow vulnerability
2013-07-01 00:00:00
[SECURITY] [DSA 2710-1] xml-security-c security update
2013-07-01 00:00:00
xml-security-c security vulnerabilities
2013-07-01 00:00:00
nvd
nvd
CVE-2013-2156
2013-08-20 22:55:03
cvelist
cvelist
CVE-2013-2156
2013-08-20 22:00:00
debiancve
debiancve
CVE-2013-2156
2013-08-20 22:55:03
nessus
nessus
FreeBSD : apache-xml-security-c -- heap overflow (279e5f4b-d823-11e2-928e-08002798f6ff)
2013-06-19 00:00:00
Debian DSA-2710-1 : xml-security-c - several vulnerabilities
2013-06-19 00:00:00
Tenable SecurityCenter < 5.8.0 Multiple Vulnerabilities (TNS-2018-15)
2018-11-27 00:00:00
prion
prion
Heap overflow
2013-08-20 22:55:00
ubuntucve
ubuntucve
CVE-2013-2156
2013-08-20 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2710-1)
2013-06-17 00:00:00
Mageia: Security Advisory (MGASA-2013-0193)
2022-01-28 00:00:00
debian
debian
[SECURITY] [DSA 2710-1] xml-security-c security update
2013-06-18 15:44:22
[SECURITY] [DSA 2710-1] xml-security-c security update
2013-06-18 15:44:22
osv
osv
xml-security-c - several
2013-06-18 00:00:00
mageia
mageia
Updated xml-security-c package fixes multiple security vulnerabilities
2013-07-01 23:12:07
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.051
Percentile
93.0%
Related for 279E5F4B-D823-11E2-928E-08002798F6FF