This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This update for xerces-c fixes the following security issues :
- CVE-2016-0729: Fix for mishandling certain kinds of
malformed input documents, resulting in buffer overlows
during processing and error reporting. The overflows can
manifest as a segmentation fault or as memory corruption
during a parse operation. (boo#966822)
- CVE-2015-0252: Fix for mishandling certain kinds of
malformed input documents, resulting in a segmentation
fault during a parse operation (boo#920810)
See also :
Update the affected xerces-c packages.
Risk factor :
High / CVSS Base Score : 7.5