Unknown
CVE-2013-2210
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
Unknown
(0 users assessed)
Unknown
(0 users assessed)Unknown
Unknown
Unknown
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
Heap-based buffer overflow in the XML Signature Reference functionality in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.2 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed XPointer expressions. NOTE: this is due to an incorrect fix for CVE-2013-2154.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- xml security for c++,
- xml security for c++ 0.1.0,
- xml security for c++ 0.2.0,
- xml security for c++ 1.1.0,
- xml security for c++ 1.2.0,
- xml security for c++ 1.2.1,
- xml security for c++ 1.3.0,
- xml security for c++ 1.3.1,
- xml security for c++ 1.4.0,
- xml security for c++ 1.5.0,
- xml security for c++ 1.5.1,
- xml security for c++ 1.6.0,
- xml security for c++ 1.6.1,
- xml security for c++ 1.7.0
References
Advisory
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
