Lucene search
GoogleOSV:CVE-2016-4472HistoryJun 30, 2016 - 5:59 p.m.
CVE-2016-4472
2016-06-3017:59:00
Google
osv.dev
13
0.033 Low
EPSS
Percentile
91.3%
The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716.
References
www.securityfocus.com/bid/91528
www.ubuntu.com/usn/USN-3013-1
bugzilla.redhat.com/show_bug.cgi?id=1344251
kc.mcafee.com/corporate/index?page=content&id=SB10365
security.gentoo.org/glsa/201701-21
sourceforge.net/p/expat/code_git/ci/f0bec73b018caa07d3e75ec8dd967f3785d71bde
www.tenable.com/security/tns-2016-20
Related
f5
f5
SOL22232964 - Expat XML library vulnerability CVE-2016-4472
2016-10-21 00:00:00
K22232964 : Expat XML library vulnerability CVE-2016-4472
2016-10-21 00:00:00
K15104541 : Expat XML library vulnerability CVE-2015-1283
2016-10-11 00:00:00
nessus
nessus
FreeBSD : expat2 -- denial of service (ff76f0e0-3f11-11e6-b3c8-14dae9d210b8)
2016-07-01 00:00:00
EulerOS 2.0 SP2 : apr-util (EulerOS-SA-2020-1639)
2020-06-17 00:00:00
Amazon Linux AMI : expat (ALAS-2020-1364)
2020-05-15 00:00:00
redhatcve
redhatcve
CVE-2016-4472
2016-06-09 09:48:44
prion
prion
Buffer overflow
2016-06-30 17:59:00
Buffer overflow
2015-05-14 10:59:00
Integer overflow
2015-07-23 00:59:00
nvd
nvd
debiancve
debiancve
CVE-2016-4472
2016-06-30 17:59:04
CVE-2015-1283
2015-07-23 00:59:12
cve
cve
ubuntucve
ubuntucve
veracode
veracode
Denial Of Service (DoS)
2017-03-27 05:30:04
Denial Of Service (DoS)
2017-02-01 05:26:42
Arbitrary Code Execution
2019-05-02 05:39:09
cvelist
cvelist
freebsd
freebsd
expat2 -- denial of service
2016-06-09 00:00:00
FreeBSD -- Multiple integer overflows in expat (libbsdxml) XML parser
2015-08-18 00:00:00
openvas
openvas
alpinelinux
alpinelinux
CVE-2016-4472
2016-06-30 17:59:04
ibm
ibm
Security Bulletin: Vulnerabilities in Expat component shipped with IBM Rational ClearQuest (CVE-2016-0718, CVE-2015-1283, CVE-2016-4472, CVE-2015-2716)
2020-02-04 16:40:40
archlinux
archlinux
expat: arbitrary code execution
2016-03-24 00:00:00
expat: arbitrary code execution
2016-05-18 00:00:00
lib32-expat: arbitrary code execution
2016-05-18 00:00:00
amazon
amazon
Medium: expat
2020-05-11 20:41:00
debian
debian
[SECURITY] [DLA 281-1] expat security update
2015-07-25 14:17:27
[SECURITY] [DSA 3318-1] expat security update
2015-07-26 17:54:13
[SECURITY] [DSA 3582-1] expat security update
2016-05-18 05:18:57
slackware
slackware
[slackware-security] expat
2016-12-24 19:24:21
[slackware-security] python
2017-09-23 06:33:04
ubuntu
ubuntu
XML-RPC for C and C++ vulnerabilities
2016-06-20 00:00:00
Expat vulnerability
2015-08-31 00:00:00
VNC4 vulnerabilities
2021-03-15 00:00:00
centos
centos
expat security update
2020-04-08 17:58:10
thunderbird security update
2015-05-18 14:07:12
mozilla
mozilla
Buffer overflow when parsing compressed XML — Mozilla
2015-05-12 00:00:00
oraclelinux
oraclelinux
expat security update
2020-04-06 00:00:00
thunderbird security update
2015-05-19 00:00:00
firefox security update
2015-05-13 00:00:00
osv
osv
expat - security update
2015-07-25 00:00:00
expat - security update
2015-07-26 00:00:00
expat - security update
2016-05-18 00:00:00
redhat
redhat
(RHSA-2020:2508) Moderate: expat security update
2020-06-10 16:46:54
(RHSA-2020:1011) Moderate: expat security update
2020-03-31 09:08:15
(RHSA-2015:1012) Important: thunderbird security update
2015-05-18 00:00:00
mageia
mageia
Updated expat package fixes security vulnerability
2015-07-27 20:18:02
securityvulns
securityvulns
[SECURITY] [DSA 3318-1] expat security update
2015-08-03 00:00:00
expat library integer overflow
2015-08-03 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-15:20.expat
2015-08-18 00:00:00
gentoo
gentoo
Expat: Multiple vulnerabilities
2017-01-11 00:00:00
suse
suse
Security update for expat (important)
2016-06-07 13:08:02
Security update for expat (important)
2016-06-07 17:08:51
Security update for expat (important)
2016-05-30 14:09:21
fedora
fedora
[SECURITY] Fedora 24 Update: expat-2.1.1-2.fc24
2016-06-21 19:27:49
[SECURITY] Fedora 23 Update: expat-2.1.1-2.fc23
2016-06-19 07:27:54
[SECURITY] Fedora 22 Update: expat-2.1.1-2.fc22
2016-07-12 02:27:38