{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-05-09T00:00:00", "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-07-18T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "DSA-3579", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3579"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.apache.org/jira/browse/XERCESC-2066"}, {"name": "90502", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/90502"}, {"name": "GLSA-201612-46", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201612-46"}, {"name": "openSUSE-SU-2016:1744", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00016.html"}, {"name": "openSUSE-SU-2016:2232", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00013.html"}, {"name": "[oss-security] 20160509 CVE-2016-2099: use-after-free in Xerces 3.1.3", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/05/09/7"}, {"name": "openSUSE-SU-2016:1808", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00053.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2016-2099", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "DSA-3579", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3579"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"name": "https://issues.apache.org/jira/browse/XERCESC-2066", "refsource": "CONFIRM", "url": "https://issues.apache.org/jira/browse/XERCESC-2066"}, {"name": "90502", "refsource": "BID", "url": "http://www.securityfocus.com/bid/90502"}, {"name": "GLSA-201612-46", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201612-46"}, {"name": "openSUSE-SU-2016:1744", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00016.html"}, {"name": "openSUSE-SU-2016:2232", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00013.html"}, {"name": "[oss-security] 20160509 CVE-2016-2099: use-after-free in Xerces 3.1.3", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/05/09/7"}, {"name": "openSUSE-SU-2016:1808", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00053.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T23:17:50.565Z"}, "title": "CVE Program Container", "references": [{"name": "DSA-3579", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2016/dsa-3579"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.apache.org/jira/browse/XERCESC-2066"}, {"name": "90502", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/90502"}, {"name": "GLSA-201612-46", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201612-46"}, {"name": "openSUSE-SU-2016:1744", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00016.html"}, {"name": "openSUSE-SU-2016:2232", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00013.html"}, {"name": "[oss-security] 20160509 CVE-2016-2099: use-after-free in Xerces 3.1.3", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/05/09/7"}, {"name": "openSUSE-SU-2016:1808", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00053.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-2099", "datePublished": "2016-05-13T14:00:00", "dateReserved": "2016-01-29T00:00:00", "dateUpdated": "2024-08-05T23:17:50.565Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:xerces-c\\+\\+:*:*:*:*:*:*:*:*", "matchCriteriaId": "21ADA8C8-0BDB-478D-BD8B-6476BCA1500E", "versionEndIncluding": "3.1.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document."}, {"lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en validators/DTD/DTDScanner.cpp en Apache Xerces C++ 3.1.3 y versiones anteriores permite a atacantes dependientes de contexto tener un impacto no especificado a trav\u00e9s de un car\u00e1cter inv\u00e1lido en un documento XML."}], "evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/416.html\">CWE-416: Use After Free</a>", "id": "CVE-2016-2099", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-05-13T14:59:06.447", "references": [{"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00016.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00053.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00013.html"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2016/dsa-3579"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2016/05/09/7"}, {"source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/90502"}, {"source": "secalert@redhat.com", "url": "https://issues.apache.org/jira/browse/XERCESC-2066"}, {"source": "secalert@redhat.com", "url": "https://security.gentoo.org/glsa/201612-46"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00016.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00053.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00013.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2016/dsa-3579"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2016/05/09/7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/90502"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.apache.org/jira/browse/XERCESC-2066"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201612-46"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Gustavo Grieco for reporting this issue.", "bugzilla": {"description": "xerces-c: Use-after-free in heap on specially crafted XML input", "id": "1310699", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310699"}, "csaw": false, "cvss": {"cvss_base_score": "5.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "status": "draft"}, "cwe": "CWE-416", "details": ["Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document."], "name": "CVE-2016-2099", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "xerces-c", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "xerces-c", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Will not fix", "package_name": "xerces-c", "product_name": "Red Hat Enterprise MRG 2"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:3", "fix_state": "Will not fix", "package_name": "xerces-c", "product_name": "Red Hat Enterprise MRG 3"}, {"cpe": "cpe:/a:redhat:openshift:2", "fix_state": "Will not fix", "package_name": "xerces-c", "product_name": "Red Hat OpenShift Enterprise 2"}], "public_date": "2016-05-09T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-2099\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-2099"], "statement": "Red Hat Product Security has rated this issue as having Moderate security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "threat_severity": "Moderate"}

{}