Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0252

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2015-0252
Last Modified 11 May 2015 10:02:18
Published 24 Mar 2015 01:59:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-0252

Summary

internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.

Vulnerable Systems

Operating System

  • Debian Linux 7.1

Application

  • Apache Xerces-c 3.1.1


References

CONFIRM - http://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt

DEBIAN - DSA-3199

FEDORA - FEDORA-2015-4272

FEDORA - FEDORA-2015-4226

CONFIRM - https://shibboleth.net/community/advisories/secadv_20150319.txt

FEDORA - FEDORA-2015-4228

FEDORA - FEDORA-2015-4285

FEDORA - FEDORA-2015-4321

FEDORA - FEDORA-2015-4251

EXPLOIT-DB - 36906

MISC - http://packetstormsecurity.com/files/131756/Apache-Xerces-C-XML-Parser-Denial-Of-Service.html


Last Updated: 27 May 2016 11:08:38