vulnerability
Ubuntu: (CVE-2016-0729): xerces-c vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Apr 7, 2016 | Nov 19, 2024 | Aug 19, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Apr 7, 2016
Added
Nov 19, 2024
Modified
Aug 19, 2025
Description
Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitrary code via a crafted document.
Solution
ubuntu-upgrade-xerces-c
References
- CVE-2016-0729
- https://attackerkb.com/topics/CVE-2016-0729
- CWE-119
- DEBIAN-DSA-3493
- URL-http://svn.apache.org/viewvc?view=revision&revision=1727978
- URL-http://xerces.apache.org/xerces-c/secadv/CVE-2016-0729.txt
- URL-https://marc.info/?l=oss-security&m=145641008814590&w=2
- URL-https://www.cve.org/CVERecord?id=CVE-2016-0729
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.