NVD

Id
38303  
Name
CVE-2013-2210  
Description
Heap-based buffer overflow in the XML Signature Reference functionality in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.2 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed XPointer expressions. NOTE: this is due to an incorrect fix for CVE-2013-2154.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-18  
Published
2013-08-20  
Modified Date
2013-09-05  
Seq
2013-2210  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
195885 38303 CVE-2013-2210 20130626 CVE-2013-2210  View
195886 38303 CVE-2013-2210 http://santuario.apache.org/secadv.data/CVE-2013-2210.txt  View
195887 38303 CVE-2013-2210 DSA-2717  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
22254 JVNDB-2013-003829 Apache Santuario XML Security for C++ の XML Signature Reference 機能におけるヒープベースのバッファオーバーフローの脆弱性 Apache Santuario XML Security for C++ (別名 xml-security-c) の XML Signature Reference 機能には、ヒープベースのバッファオーバーフローの脆弱性が存在します。 CVE-2013-2210 62152 CVE-2013-2210 38303 7.5 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-003829.html 2013-08-20 2013-08-22 View