CVE-2015-0851

EPSS 0.62%

xmltooling - security update

發布日:2015/8/12修改日:2026/4/28

也稱為:DEBIAN-CVE-2015-0851

描述

XMLTooling-C before 1.5.5, as used in OpenSAML-C and Shibboleth Service Provider (SP), does not properly handle integer conversion exceptions, which allows remote attackers to cause a denial of service (crash) via schema-invalid XML data.

受影響套件(3)

Debian/xmltoolingfrom 0, < 1.5.6-1
Debian/xmltoolingfrom 0, < 1.3.3-2+deb6u1
Debian/xmltoolingfrom 0, < 1.4.2-5+deb7u1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-0851