cbcvebase.
CVE-2015-0252
published 2015-03-24

CVE-2015-0252: internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.

medium5CVSS 3.1
AVNACLAuNCNINAP
EXPLOIT
internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.

Affected

10 ranges
VendorProductVersion rangeFixed in
apachexerces-c<= 3.1.1
apachexerces-c>= 0 < 3.1.1-5.13.1.1-5.1
apachexerces-c>= 0 < 3.1.1-5.13.1.1-5.1
apachexerces-c>= 0 < 3.1.1-5.13.1.1-5.1
apachexerces-c>= 0 < 3.1.1-5.13.1.1-5.1
debiandebian_linux
debianxerces-c< xerces-c 3.1.1-5.1 (bookworm)xerces-c 3.1.1-5.1 (bookworm)
fedoraprojectfedora
fedoraprojectfedora
fedoraprojectfedora

CVSS provenance

nvd5.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM