CVE-2011-2516

EPSS 7.3%

xml-security-c - buffer overflow

Published: 7/11/2011Modified: 4/28/2026

Description

Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow.

Affected packages (2)

Debian/xml-security-cfrom 0, < 1.6.1-1
Debian/xml-security-cfrom 0, < 1.4.0-3+lenny3

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-2516