NVD

Id
38255  
Name
CVE-2013-2156  
Description
Heap-based buffer overflow in the Exclusive Canonicalization functionality (xsec/canon/XSECC14n20010315.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PrefixList attribute.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-18  
Published
2013-08-20  
Modified Date
2013-08-21  
Seq
2013-2156  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
195617 38255 CVE-2013-2156 20130617 Re: CVE-2013-2156: Apache Santuario C++ heap overflow vulnerability  View
195618 38255 CVE-2013-2156 http://santuario.apache.org/secadv.data/CVE-2013-2156.txt  View
195619 38255 CVE-2013-2156 http://svn.apache.org/viewvc?view=revision&revision=1493961  View
195620 38255 CVE-2013-2156 DSA-2710  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
22252 JVNDB-2013-003827 Apache Santuario XML Security for C++ の Exclusive Canonicalization 機能におけるヒープベースのバッファオーバーフローの脆弱性 Apache Santuario XML Security for C++ (別名 xml-security-c) の Exclusive Canonicalization 機能 (xsec/canon/XSECC14n20010315.cpp) には、ヒープベースのバッファオーバーフローの脆弱性が存在します。 CVE-2013-2156 62098 CVE-2013-2156 38255 7.5 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-003827.html 2013-07-17 2013-08-22 View