Showing 1 - 7 of 7

CVE-2016-4472

Status Candidate

Overview

The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716.

Related Files

Slackware Security Advisory - python Updates: Posted May 5, 2018; Authored by Slackware Security Team | Site slackware.com; Slackware Security Advisory - New python packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.; tags | advisory, python; systems | linux, slackware; advisories | CVE-2012-0876, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300, CVE-2016-9063, CVE-2017-9233, CVE-2018-1060, CVE-2018-1061; MD5 | 4830becfccec59ec7d1e08315d914061; Download | Favorite | Comments (0)

Apple Security Advisory 2017-03-28-2: Posted Mar 28, 2017; Authored by Apple | Site apple.com; Apple Security Advisory 2017-03-28-2 - This advisory provides additional information for APPLE-SA-2017-03-22-1. iTunes for Windows 12.6 addresses multiple vulnerabilities in various included software.; tags | advisory, vulnerability; systems | windows, apple; advisories | CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2013-7443, CVE-2015-1283, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300, CVE-2016-6153, CVE-2017-2383, CVE-2017-2463, CVE-2017-2479, CVE-2017-2480, CVE-2017-5029; MD5 | e81764e60882d63eba34b90e1a1a18b1; Download | Favorite | Comments (0)

Apple Security Advisory 2017-03-22-2: Posted Mar 24, 2017; Authored by Apple | Site apple.com; Apple Security Advisory 2017-03-22-2 - iTunes for Mac 12.6 is now available and addresses vulnerabilities in expat and SQLite.; tags | advisory, vulnerability; systems | apple; advisories | CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2013-7443, CVE-2015-1283, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300, CVE-2016-6153; MD5 | 38c6e0f8c553ac1fec2b4079143ddd49; Download | Favorite | Comments (0)

Apple Security Advisory 2017-03-22-1: Posted Mar 23, 2017; Authored by Apple | Site apple.com; Apple Security Advisory 2017-03-22-1 - iTunes for Windows 12.6 is now available and addresses vulnerabilities in expat and SQLite.; tags | advisory, vulnerability; systems | windows, apple; advisories | CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2013-7443, CVE-2015-1283, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300, CVE-2016-6153; MD5 | 1bcb766e4f3265ba41b97e9177076f73; Download | Favorite | Comments (0)

Gentoo Linux Security Advisory 201701-21: Posted Jan 11, 2017; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201701-21 - Multiple vulnerabilities have been found in Expat, the worst of which may allow execution of arbitrary code. Versions less than 2.2.0-r1 are affected.; tags | advisory, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2012-6702, CVE-2013-0340, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300; MD5 | 9900fb8757b3436555947e2691bf6f5e; Download | Favorite | Comments (0)

Slackware Security Advisory - expat Updates: Posted Dec 25, 2016; Authored by Slackware Security Team | Site slackware.com; Slackware Security Advisory - New expat packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.; tags | advisory; systems | linux, slackware; advisories | CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300; MD5 | 1870303524d6e5321fbea1b5cad1fdd2; Download | Favorite | Comments (0)

Ubuntu Security Notice USN-3013-1: Posted Jun 21, 2016; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3013-1 - It was discovered that the Expat code in XML-RPC for C and C++ unexpectedly called srand in certain circumstances. This could reduce the security of calling applications. It was discovered that the Expat code in XML-RPC for C and C++ incorrectly handled seeding the random number generator. A remote attacker could possibly use this issue to cause a denial of service. Gustavo Grieco discovered that the Expat code in XML-RPC for C and C++ incorrectly handled malformed XML data. If a user or application linked against XML-RPC for C and C++ were tricked into opening a crafted XML file, an attacker could cause a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.; tags | advisory, remote, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300; MD5 | 1bfe255d6d036e1b85b6eb10248eb742; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 61 files
Ubuntu 59 files
Debian 19 files
Google Security Research 9 files
cp77fk4r 8 files
digitalwhisper 8 files
Mandar Satam 7 files
Adam Gowdiak 6 files
Matthias Deeg 6 files
Andrew Klaus 6 files

File Archives

Systems

AIX (413)
Apple (1,640)
BSD (349)
Cisco (1,852)
Debian (5,780)
Fedora (1,685)
FreeBSD (1,215)
Gentoo (3,688)
HPUX (868)
iOS (209)
iPhone (105)
IRIX (220)
Juniper (67)
Linux (35,423)
Mac OS X (656)
Mandriva (3,105)
NetBSD (255)
OpenBSD (460)
RedHat (7,315)
Slackware (904)
Solaris (1,580)
SUSE (1,444)
Ubuntu (6,200)
UNIX (8,472)
UnixWare (175)
Windows (5,494)
Other

CVE-2016-4472

Overview

Related Files

File Archive:

June 2019

Top Authors In Last 30 Days

File Tags

File Archives

Systems