RSS   Vulnerabilities for 'Xerces-c++'   RSS

2018-03-01
 
CVE-2017-12627

CWE-476
 

 
In Apache Xerces-C XML Parser library before 3.2.1, processing of external DTD paths can result in a null pointer dereference under certain conditions.

 
2017-08-08
 
CVE-2012-0880

 

 
Apache Xerces-C++ allows remote attackers to cause a denial of service (CPU consumption) via a crafted message sent to an XML service that causes hash table collisions.

 
2016-07-08
 
CVE-2016-4463

CWE-119
 

 
Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD.

 
2016-05-13
 
CVE-2016-2099

CWE-Other
 

 
Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document.

 
2009-08-11
 
CVE-2009-1885

CWE-119
 

 
Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework.

 
2008-10-07
 
CVE-2008-4482

CWE-20
 

 
The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file.

 
2004-12-31
 
CVE-2004-1575

 

 
The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service (CPU consumption) via XML attributes in a crafted XML document.

 

 >>> Vendor: Apache 247 Products
Http server
Tomcat
Jserv
Mod python
Traffic server
Openoffice
Cocoon
Spamassassin
Subversion
Jspwiki
Xerces-c++
James
Mod auth radius
Coyote http connector
Mod imap
Struts
Derby
Libapreq2
Jetspeed
Geronimo
FLEX
Log4net
Open for business project
Opentaps
Apache http server
Tomcat jk web server connector
Apache test
Mod perl
AXIS
Myfaces tomahawk
Storm
Jakarta slide
Openoffice.org
Mod jk
Apache webserver
Roller
Apr-util
Jackrabbit
Tiles
Portable runtime
APR
SOLR
QPID
Couchdb
Axis2
Activemq
Myfaces
CXF
Archiva
Shiro
Mod fcgid
Libcloud
Continuum
Httpclient
Rampart/c
Wicket
Apache commons daemon
Http server2.0a1
Http server2.0a2
Http server2.0a3
Http server2.0a4
Http server2.0a5
Http server2.0a6
Http server2.0a7
Http server2.0a8
Http server2.0a9
Hadoop
Commons-compress
Org.apache.sling.servlets.post
POI
Guacamole
Cloudstack
Commons-httpclient
Commons fileupload
RAVE
Maven
Openjpa
Struts2-showcase
Xml security for c++
Xml security for java
Camel
Shindig
Sling auth core component
Sling
Mod dontdothat
Mod dav svn
Cordova
Xalan-java
Zookeeper
Syncope
Harmony
Hbase
Httpasyncclient
Ofbiz
Apache axis2/c
Wss4j
Mod auth mellon
HIVE
Xml security
Santuario xml security for java
See all Products for Vendor Apache


Copyright 2024, cxsecurity.com

 

Back to Top