vulnerability

FreeBSD: VID-a7f2e9c6-de20-11e5-8458-6cc21735f730 (CVE-2016-0729): xerces-c3 -- Parser Crashes on Malformed Input

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	Feb 28, 2016	Dec 10, 2025	Dec 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

Feb 28, 2016

Added

Dec 10, 2025

Modified

Dec 10, 2025

Description

The Apache Software Foundation reports: The Xerces-C XML parser mishandles certain kinds of malformed input documents, resulting in buffer overflows during processing and error reporting. The overflows can manifest as a segmentation fault or as memory corruption during a parse operation. The bugs allow for a denial of service attack in many applications by an unauthenticated attacker, and could conceivably result in remote code execution.

Solution

freebsd-upgrade-package-xerces-c3

References

CVE-2016-0729
https://attackerkb.com/topics/CVE-2016-0729
CWE-119

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today