Apache Xerces-C XML Parser Crashes on Malformed DTD

2016.06.30
Credit: Brandon Perry
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 CVE-2016-4463: Apache Xerces-C XML Parser Crashes on Malformed DTD Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Xerces-C XML Parser library versions prior to V3.1.4 Description: The Xerces-C XML parser fails to successfully parse a DTD that is deeply nested, and this causes a stack overflow, which makes a denial of service attack against many applications possible by an unauthenticated attacker. Mitigation: Applications that are using library versions older than V3.1.4 should upgrade as soon as possible. Distributors of older versions should apply the patches from this subversion revision: http://svn.apache.org/viewvc?view=revision&revision=1747619 Note that the nesting limit is currently implemented as a compile-time constant in order to maintain ABI-compatibility. In addition, a related enhancement was made to enable applications to fully disable DTD processing through the use of an environment variable. Distributors of older versions are urged to incorporate this patch to enable applications to more fully protect themselves from future issues if they do not require DTD support. This change is ABI-compatible and can be found in this subversion revision: http://svn.apache.org/viewvc?view=revision&revision=1747620 Credit: This issue was reported by Brandon Perry. References: http://xerces.apache.org/xerces-c/secadv/CVE-2016-4463.txt -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJXXqPQAAoJEDeLhFQCJ3liyRwQAI5aUjhKtZtw+51EgNizpuLa dvfEP27anUXLKwLXt+WIfogW3TLQ4HwyiszanO4YTlwz3qbKO3TJQXdT4kTQx6/k KhWr7+vsn7pBEPiiC7kj3lH7QHCd+T8/W+Xik/rKDFV1qAAKuoFgYJ31qED8I65z 371Tdm+p2QE4Nh9M7k7LUs+yWu5XdwJIS61L3R/MpEptynuo7Onbp+sjF6OQCZHc u1KJ3zAlKzP4iwtxKjvoXqOnLgYwjtqC2p7nYBEXOEn4DA4Q/PMrfdYIebjUo/Wy CeIN5TGJ2aunMkVK0RgxCqjr0sl2cYqY8iegUqp9Iz4+rMpy5ZDLNyyjgbXgSY73 8145xO2tscLs7bLXAXUGbLlOPxnDqVieGlYyHICFnl58I4ekfhwtMmd9d2WOlaVE 7NEPTorFiHI+wdK2yebCLAMaJbL9KJQiJa/4xw9qvpZ4DQ7aein9jq7fklQ62crc Ff4h4icX4icM1/s1tvcEM1lZw8Td4UyXkwvoEmfZg7dVy4NW+XM/Kn4FUCPRnC9A XVAabL3K290Mz77YLqUTk733w1q/lFCxgOCJF18/OJef2azMn74QgFbLcBD16i2O FNxdtPsSRGNsfOGN08Uiwg9RN6uqoZ6Rxwq3hEcAiufYQHFiXldlS26koP2QMk03 gNuHTr22AcR0ZgoW9GYP =eilz -----END PGP SIGNATURE-----

References:

http://xerces.apache.org/xerces-c/secadv/CVE-2016-4463.txt
http://svn.apache.org/viewvc?view=revision&revision=1747619


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top