CVE-2016-5300

HIGH
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876.

References

http://www.debian.org/security/2016/dsa-3597

http://www.openwall.com/lists/oss-security/2016/06/04/4

http://www.openwall.com/lists/oss-security/2016/06/04/5

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

http://www.securityfocus.com/bid/91159

http://www.ubuntu.com/usn/USN-3010-1

https://security.gentoo.org/glsa/201701-21

https://source.android.com/security/bulletin/2016-11-01.html

https://www.tenable.com/security/tns-2016-20

Details

Source: MITRE

Published: 2016-06-16

Updated: 2021-01-25

Type: CWE-399

Risk Information

CVSS v2

Base Score: 7.8

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*

cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*

cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*

cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*

cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*

Tenable Plugins

View all (24 total)

IDNameProductFamilySeverity
129256EulerOS 2.0 SP3 : expat (EulerOS-SA-2019-2063)NessusHuawei Local Security Checks
high
126869EulerOS 2.0 SP2 : expat (EulerOS-SA-2019-1742)NessusHuawei Local Security Checks
high
126540EulerOS Virtualization for ARM 64 3.0.2.0 : expat (EulerOS-SA-2019-1698)NessusHuawei Local Security Checks
high
126293EulerOS 2.0 SP5 : expat (EulerOS-SA-2019-1666)NessusHuawei Local Security Checks
high
109583Slackware 14.0 / 14.1 / 14.2 / current : python (SSA:2018-124-01)NessusSlackware Local Security Checks
critical
103796FreeBSD : Python 2.7 -- multiple vulnerabilities (9164f51e-ae20-11e7-a633-009c02a2ab30)NessusFreeBSD Local Security Checks
critical
100027Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)NessusMacOS X Local Security Checks
critical
100026Apple iTunes < 12.6 Multiple Vulnerabilities (uncredentialed check)NessusPeer-To-Peer File Sharing
critical
100025Apple iTunes < 12.6 Multiple Vulnerabilities (credentialed check)NessusWindows
critical
97280openSUSE Security Update : expat (openSUSE-2017-260)NessusSuSE Local Security Checks
high
97080SUSE SLED12 / SLES12 Security Update : expat (SUSE-SU-2017:0424-1)NessusSuSE Local Security Checks
high
97065SUSE SLES11 Security Update : expat (SUSE-SU-2017:0415-1)NessusSuSE Local Security Checks
high
96415GLSA-201701-21 : Expat: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
96337Tenable Passive Vulnerability Scanner 5.x < 5.2.0 Multiple Vulnerabilities (SWEET32)NessusMisc.
critical
96092Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : expat (SSA:2016-359-01)NessusSlackware Local Security Checks
critical
94301F5 Networks BIG-IP : Expat XML library vulnerability (K70938105)NessusF5 Networks Local Security Checks
high
92229Fedora 22 : expat (2016-0fd6ca526a)NessusFedora Local Security Checks
critical
92117Fedora 24 : expat (2016-7c6e7a9265)NessusFedora Local Security Checks
critical
92102Fedora 23 : expat (2016-60889583ab)NessusFedora Local Security Checks
critical
91729Ubuntu 12.04 LTS : xmlrpc-c vulnerabilities (USN-3013-1)NessusUbuntu Local Security Checks
critical
91726Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : expat vulnerabilities (USN-3010-1)NessusUbuntu Local Security Checks
high
91526FreeBSD : expat -- multiple vulnerabilities (c9c252f5-2def-11e6-ae88-002590263bf5)NessusFreeBSD Local Security Checks
high
91523Debian DLA-508-1 : expat security updateNessusDebian Local Security Checks
high
91506Debian DSA-3597-1 : expat - security updateNessusDebian Local Security Checks
high