The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libexpat project libexpat |
||
canonical ubuntu linux 12.04 |
||
mcafee policy auditor |
||
python python |