Red Hat Bugzilla – Bug 978988
CVE-2013-2210 xml-security-c: Heap-buffer overflow during XPointer evaluation
Last modified: 2016-03-04 06:50:10 EST
A heap-based buffer overflow flaw was found in the way xml-security-c, a C++ implementation of the XML Digital Signature specification, used to evaluate certain XPointer expressions. The fix to address CVE-2013-2154 flaw introduced a possibility of a heap-based buffer overflow, in the processing of malformed XPointer expression in the XML Signature References processing code. A remote attacker could provide a specially-crafted XML file to an application linked against xml-security-c that, when processed would lead to that application crash or, potentially, arbitrary code execution with the privileges of the user running the application.
Relevant upstream patch:
Created xml-security-c tracking bugs for this issue:
Affects: fedora-all [bug 978990]
Affects: epel-all [bug 978991]