First published: Wed Jan 06 2016(Updated: )
An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, possibly, execute arbitrary code with the permission of the user running the application.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/expat | <0:2.0.1-13.el6_8 | 0:2.0.1-13.el6_8 |
redhat/expat | <0:2.1.0-10.el7_3 | 0:2.1.0-10.el7_3 |
Mozilla Firefox | <48.0 | |
Apple Mac OS X | >=10.11.0<=10.11.5 | |
SUSE Linux Enterprise Debuginfo | =11-sp4 | |
SUSE Studio Onsite | =1.3 | |
SUSE Linux Enterprise Server | =11-sp4 | |
SUSE Linux Enterprise Software Development Kit | =11-sp4 | |
openSUSE Leap | =42.1 | |
SUSE Linux Enterprise Desktop | =12 | |
SUSE Linux Enterprise Desktop | =12-sp1 | |
SUSE Linux Enterprise Server | =12 | |
SUSE Linux Enterprise Server | =12-sp1 | |
SUSE Linux Enterprise Software Development Kit | =12 | |
SUSE Linux Enterprise Software Development Kit | =12-sp1 | |
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =16.04 | |
Libexpat Project Libexpat | <2.2.0 | |
Debian Debian Linux | =8.0 | |
openSUSE openSUSE | =13.1 | |
openSUSE openSUSE | =13.2 | |
McAfee Policy Auditor | <6.5.1 | |
Python Python | >=2.7.0<2.7.15 | |
Python Python | >=3.3.0<3.3.7 | |
Python Python | >=3.4.0<3.4.7 | |
Python Python | >=3.5.0<3.5.4 | |
Python Python | >=3.6.0<3.6.2 | |
Google Android | ||
debian/expat | 2.2.10-2+deb11u5 2.2.10-2+deb11u6 2.5.0-1+deb12u1 2.6.4-1 | |
debian/firefox | 133.0.3-1 | |
debian/firefox-esr | 115.14.0esr-1~deb11u1 128.5.0esr-1~deb11u1 128.3.1esr-1~deb12u1 128.5.0esr-1~deb12u1 128.5.0esr-1 128.5.1esr-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.