Gustavo Grieco discovered that xerces-c, a validating XML parser library
for C++, mishandles certain kinds of malformed input documents,
resulting in buffer overflows during processing and error reporting.
These flaws could lead to a denial of service in applications using the
xerces-c library, or potentially, to the execution of arbitrary code.

CPENameOperatorVersion
xerces-ceq3.1.1-1

CPE	Name	Operator	Version
	xerces-c	eq	3.1.1-1

References

www.debian.org/lts/security/2016/dla-433

nessus 19

openvas 15

ibm 23

debiancve 1

nvd 3

oraclelinux 1

symantec 1

freebsd 1

debian 3

mageia 1

prion 3

fedora 6

ubuntucve 1

centos 1

cvelist 1

redhat 1

cve 3

gentoo 1

oracle 3

nessus

FreeBSD : xerces-c3 -- Parser Crashes on Malformed Input (a7f2e9c6-de20-11e5-8458-6cc21735f730)

2016-02-29 00:00:00

Fedora 24 : xerces-c-3.1.3-1.fc24 (2016-9ff972ca42)

2016-04-13 00:00:00

RHEL 7 : xerces-c (RHSA-2016:0430)

2016-03-11 00:00:00

openvas

Oracle: Security Advisory (ELSA-2016-0430)

2016-03-11 00:00:00

Mageia: Security Advisory (MGASA-2016-0088)

2016-03-03 00:00:00

Huawei EulerOS: Security Advisory for xerces-c (EulerOS-SA-2016-1004)

2020-01-23 00:00:00

ibm

Security Bulletin: Apache Xerces-C vulnerabilities (XML4C) affects IBM Cloud Manager with OpenStack (CVE-2016-0729)

2018-08-08 04:13:55

Security Bulletin: IBM Streams is affected by Open Source Apache Xerces-C XML parser Vulnerabilities (CVE-2016-0729)

2018-06-16 13:43:12

Security Bulletin: Content Manager OnDemand for Multiplatforms is affected by Open Source Apache Xerces-C XML parser Vulnerabilities (CVE-2016-0729)

2018-06-17 12:16:02

debiancve

CVE-2016-0729

2016-04-07 21:59:01

nvd

CVE-2016-0729

2016-04-07 21:59:01

CVE-2016-0717

2016-02-18 15:59:00

CVE-2016-0716

2016-02-18 15:59:00

oraclelinux

xerces-c security update

2016-03-10 00:00:00

symantec

Apache Xerces-C CVE-2016-0729 Buffer Overflow Vulnerability

2016-02-25 00:00:00

freebsd

xerces-c3 -- Parser Crashes on Malformed Input

2016-02-25 00:00:00

debian

[SECURITY] [DSA 3493-1] xerces-c security update

2016-02-25 15:59:04

[SECURITY] [DSA 3493-1] xerces-c security update

2016-02-25 15:59:04

[SECURITY] [DLA 433-1] xerces-c security update

2016-02-25 18:47:45

mageia

Updated xerces-c packages fix CVE-2016-0729

2016-03-02 21:28:46

prion

Buffer overflow

2016-04-07 21:59:00

Design/Logic Flaw

2016-02-18 15:59:00

Design/Logic Flaw

2016-02-18 15:59:00

fedora

[SECURITY] Fedora 22 Update: xerces-c-3.1.3-1.fc22

2016-04-18 03:51:23

[SECURITY] Fedora 23 Update: xerces-c-3.1.3-1.fc23

2016-04-13 07:27:40

[SECURITY] Fedora 24 Update: xerces-c-3.1.3-1.fc24

2016-04-12 09:47:33

ubuntucve

CVE-2016-0729

2016-04-07 00:00:00

centos

xerces security update

2016-03-10 17:35:16

cvelist

CVE-2016-0729

2016-04-07 21:00:00

redhat

(RHSA-2016:0430) Important: xerces-c security update

2016-03-10 14:37:36

cve

CVE-2016-0729

2016-04-07 21:59:01

CVE-2016-0717

2016-02-18 15:59:00

CVE-2016-0716

2016-02-18 15:59:00

gentoo

Xerces-C++: Multiple vulnerabilities

2016-12-24 00:00:00

oracle

Oracle Critical Patch Update Advisory - October 2019

2020-01-22 00:00:00

Oracle Critical Patch Update - October 2018

2018-12-18 00:00:00

Oracle Critical Patch Update Advisory - April 2017

2017-04-18 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.031 Low

EPSS

Percentile

91.1%

JSON

Related for OSV:DLA-433-1