Scientific Linux Security Update : xerces-c on SL7.x x86_64
High Nessus Plugin ID 89864
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionIt was discovered that the Xerces-C XML parser did not properly process certain XML input. By providing specially crafted XML data to an application using Xerces-C for XML processing, a remote attacker could exploit this flaw to cause an application crash or, possibly, execute arbitrary code with the privileges of the application.
After installing the update, all applications using Xerces-C must be restarted for the update to take effect.
SolutionUpdate the affected packages.