CVE-2015-1819

Severity

50%

Complexity

99%

Confidentiality

48%

The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.

The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P).

Overview

First reported 9 years ago

2015-08-14 18:59:00

Last updated 5 years ago

2019-12-27 16:08:00

Affected Software

Debian Linux 7.0

7.0

Debian Linux 8.0 (Jessie)

8.0

Canonical Ubuntu Linux 12.04 LTS

12.04

Canonical Ubuntu Linux 14.04 LTS (Long-Term Support)

14.04

Canonical Ubuntu Linux 15.04

15.04

Red Hat Enterprise Linux

Oracle Solaris 11.3

11.3

Apple Mac OS X

OpenSUSE 13.1

13.1

OpenSUSE 13.2

13.2

Fedora 22

22

Fedora Project Fedora 23

23

References

APPLE-SA-2016-03-21-1

Mailing List, Third Party Advisory

APPLE-SA-2016-03-21-2

Mailing List, Third Party Advisory

APPLE-SA-2016-03-21-3

Mailing List, Third Party Advisory

APPLE-SA-2016-03-21-5

Mailing List, Third Party Advisory

FEDORA-2015-c24af963a2

Third Party Advisory

FEDORA-2015-037f844d3e

Third Party Advisory

openSUSE-SU-2015:2372

Third Party Advisory

openSUSE-SU-2016:0106

Third Party Advisory

RHSA-2015:1419

Third Party Advisory

RHSA-2015:2550

Third Party Advisory

DSA-3430

Third Party Advisory

http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

Third Party Advisory

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

Third Party Advisory

75570

Third Party Advisory, VDB Entry

1034243

Third Party Advisory, VDB Entry

USN-2812-1

Third Party Advisory

http://xmlsoft.org/news.html

Third Party Advisory

https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9

Patch, Vendor Advisory

GLSA-201507-08

Third Party Advisory

GLSA-201701-37

Third Party Advisory

https://support.apple.com/HT206166

Third Party Advisory

https://support.apple.com/HT206167

Third Party Advisory

https://support.apple.com/HT206168

Third Party Advisory

https://support.apple.com/HT206169

Third Party Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.