Candidate: CVE-2016-2099
PublicDate: 2016-05-13 14:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2099
 https://issues.apache.org/jira/browse/XERCESC-2066
Description:
 Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache
 Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have
 unspecified impact via an invalid character in an XML document.
Ubuntu-Description:
 It was discovered that Xerces-C XML Parser mishandles certain kinds of
 external DTD references, resulting in a user-after-free. An attacker could use
 this vulnerability to cause a denial of service (crash) or possibly execute
 arbitrary code.
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823863
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]

Patches_xerces-c:
 upstream: http://svn.apache.org/viewvc?view=revision&revision=1747619
upstream_xerces-c: needs-triage
precise_xerces-c: ignored (reached end-of-life)
precise/esm_xerces-c: DNE (precise was needed)
trusty_xerces-c: released (3.1.1-5.1+deb8u2build0.14.04.1)
trusty/esm_xerces-c: released (3.1.1-5.1+deb8u2build0.14.04.1)
vivid/stable-phone-overlay_xerces-c: DNE
vivid/ubuntu-core_xerces-c: DNE
wily_xerces-c: released (3.1.1-5.1+deb8u2build0.15.10.1)
xenial_xerces-c: ignored (end of standard support, was needed)
yakkety_xerces-c: not-affected (3.1.3+debian-2)
zesty_xerces-c: not-affected (3.1.3+debian-2)
artful_xerces-c: not-affected (3.1.3+debian-2)
bionic_xerces-c: not-affected (3.1.3+debian-2)
cosmic_xerces-c: not-affected (3.1.3+debian-2)
disco_xerces-c: not-affected (3.1.3+debian-2)
eoan_xerces-c: not-affected (3.1.3+debian-2)
focal_xerces-c: not-affected (3.1.3+debian-2)
groovy_xerces-c: not-affected (3.1.3+debian-2)
hirsute_xerces-c: not-affected (3.1.3+debian-2)
impish_xerces-c: not-affected (3.1.3+debian-2)
jammy_xerces-c: not-affected (3.1.3+debian-2)
devel_xerces-c: not-affected (3.1.3+debian-2)