EulerOS 2.0 SP1 : xerces-c (EulerOS-SA-2016-1004)
High Nessus Plugin ID 99767
SynopsisThe remote EulerOS host is missing a security update.
DescriptionAccording to the version of the xerces-c package installed, the EulerOS installation on the remote host is affected by the following vulnerability :
- It was discovered that the Xerces-C XML parser did not properly process certain XML input. By providing specially crafted XML data to an application using Xerces-C for XML processing, a remote attacker could exploit this flaw to cause an application crash or, possibly, execute arbitrary code with the privileges of the application.(CVE-2016-0729)
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected xerces-c package.