CVE-2013-2154
Publication date 20 August 2013
Last updated 24 July 2024
Ubuntu priority
Stack-based buffer overflow in the XML Signature Reference functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed XPointer expressions, probably related to the DSIGReference::getURIBaseTXFM function.
Status
Package | Ubuntu Release | Status |
---|---|---|
xml-security-c | ||
Notes
Patch details
Package | Patch details |
---|---|
xml-security-c |