CVE-2016-0718

HIGH

Description

Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.

References

http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html

http://packetstormsecurity.com/files/141350/ESET-Endpoint-Antivirus-6-Remote-Code-Execution.html

http://rhn.redhat.com/errata/RHSA-2016-2824.html

http://seclists.org/fulldisclosure/2017/Feb/68

http://support.eset.com/ca6333/

http://www.debian.org/security/2016/dsa-3582

http://www.mozilla.org/security/announce/2016/mfsa2016-68.html

http://www.openwall.com/lists/oss-security/2016/05/17/12

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

http://www.securityfocus.com/bid/90729

http://www.securitytracker.com/id/1036348

http://www.securitytracker.com/id/1036415

http://www.securitytracker.com/id/1037705

http://www.ubuntu.com/usn/USN-2983-1

http://www.ubuntu.com/usn/USN-3044-1

https://access.redhat.com/errata/RHSA-2018:2486

https://bugzilla.mozilla.org/show_bug.cgi?id=1236923

https://bugzilla.redhat.com/show_bug.cgi?id=1296102

https://security.gentoo.org/glsa/201701-21

https://source.android.com/security/bulletin/2016-11-01.html

https://support.apple.com/HT206903

https://www.tenable.com/security/tns-2016-20

Details

Source: MITRE

Published: 2016-05-26

Updated: 2021-01-25

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Tenable Plugins

View all (42 total)

IDNameProductFamilySeverity
145061IBM HTTP Server 7.0.0.0 <= 7.0.0.41 / 8.0.0.0 < 8.0.0.13 / 8.5.0.0 < 8.5.5.11 / 9.0.0.0 < 9.0.0.2 Multiple Vulnerabilities (548231)NessusWeb Servers
high
137461EulerOS 2.0 SP2 : xulrunner (EulerOS-SA-2020-1619)NessusHuawei Local Security Checks
high
134106SUSE SLED12 / SLES12 Security Update : python3 (SUSE-SU-2020:0497-1)NessusSuSE Local Security Checks
high
124949EulerOS Virtualization 3.0.1.0 : expat (EulerOS-SA-2019-1446)NessusHuawei Local Security Checks
high
109594FreeBSD : python 2.7 -- multiple vulnerabilities (8719b935-8bae-41ad-92ba-3c826f651219)NessusFreeBSD Local Security Checks
high
109583Slackware 14.0 / 14.1 / 14.2 / current : python (SSA:2018-124-01)NessusSlackware Local Security Checks
high
103796FreeBSD : Python 2.7 -- multiple vulnerabilities (9164f51e-ae20-11e7-a633-009c02a2ab30)NessusFreeBSD Local Security Checks
high
103424Slackware 14.0 / 14.1 / 14.2 / current : python (SSA:2017-266-02)NessusSlackware Local Security Checks
high
103313F5 Networks BIG-IP : Expat vulnerability (K52320548)NessusF5 Networks Local Security Checks
high
100027Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)NessusMacOS X Local Security Checks
high
100026Apple iTunes < 12.6 Multiple Vulnerabilities (uncredentialed check)NessusPeer-To-Peer File Sharing
high
100025Apple iTunes < 12.6 Multiple Vulnerabilities (credentialed check)NessusWindows
high
99849EulerOS 2.0 SP1 : expat (EulerOS-SA-2017-1002)NessusHuawei Local Security Checks
high
96415GLSA-201701-21 : Expat: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
96337Tenable Passive Vulnerability Scanner 5.x < 5.2.0 Multiple Vulnerabilities (SWEET32)NessusMisc.
critical
96092Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : expat (SSA:2016-359-01)NessusSlackware Local Security Checks
high
95895Amazon Linux AMI : expat (ALAS-2016-775)NessusAmazon Linux Local Security Checks
high
95867Scientific Linux Security Update : expat on SL6.x, SL7.x i386/x86_64 (20161128)NessusScientific Linux Local Security Checks
high
95381RHEL 6 / 7 : expat (RHSA-2016:2824)NessusRed Hat Local Security Checks
high
95380OracleVM 3.3 / 3.4 : expat (OVMSA-2016-0168)NessusOracleVM Local Security Checks
high
95379Oracle Linux 6 / 7 : expat (ELSA-2016-2824)NessusOracle Linux Local Security Checks
high
95373CentOS 6 / 7 : expat (CESA-2016:2824)NessusCentOS Local Security Checks
high
93429FreeBSD : Mozilla -- multiple vulnerabilities (aa1aefe3-6e37-47db-bfda-343ef4acb1b5)NessusFreeBSD Local Security Checks
high
92853openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-960)NessusSuSE Local Security Checks
high
92785Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : firefox vulnerabilities (USN-3044-1)NessusUbuntu Local Security Checks
high
92755Firefox < 48 Multiple VulnerabilitiesNessusWindows
high
92753Firefox < 48 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
high
92746openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-937)NessusSuSE Local Security Checks
high
92496Mac OS X 10.11.x < 10.11.6 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
92465Tenable Nessus 6.x < 6.8 Multiple VulnerabilitiesNessusCGI abuses
high
92229Fedora 22 : expat (2016-0fd6ca526a)NessusFedora Local Security Checks
high
92117Fedora 24 : expat (2016-7c6e7a9265)NessusFedora Local Security Checks
high
92102Fedora 23 : expat (2016-60889583ab)NessusFedora Local Security Checks
high
91729Ubuntu 12.04 LTS : xmlrpc-c vulnerabilities (USN-3013-1)NessusUbuntu Local Security Checks
high
91652SUSE SLED12 / SLES12 Security Update : expat (SUSE-SU-2016:1508-1)NessusSuSE Local Security Checks
high
91556SUSE SLES11 Security Update : expat (SUSE-SU-2016:1512-1)NessusSuSE Local Security Checks
high
91530openSUSE Security Update : expat (openSUSE-2016-695)NessusSuSE Local Security Checks
high
91407openSUSE Security Update : expat (openSUSE-2016-660)NessusSuSE Local Security Checks
high
91267FreeBSD : expat -- denial of service vulnerability on malformed input (57b3aba7-1e25-11e6-8dd3-002590263bf5)NessusFreeBSD Local Security Checks
high
91265Debian DLA-483-1 : expat security updateNessusDebian Local Security Checks
high
91259Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : expat vulnerability (USN-2983-1)NessusUbuntu Local Security Checks
high
91200Debian DSA-3582-1 : expat - security updateNessusDebian Local Security Checks
high