oss-sec mailing list archives
CVE-2016-2099: use-after-free in Xerces 3.1.3
From: Gustavo Grieco <gustavo.grieco () gmail com>
Date: Mon, 9 May 2016 19:28:12 +0200
Hi, We found a use-after-free in Xerces 3.1.3 parsing an xml file (also affecting older versions). Technical details and a patch are available here: https://issues.apache.org/jira/browse/XERCESC-2066 Regards, Gustavo.
Current thread:
- CVE-2016-2099: use-after-free in Xerces 3.1.3 Gustavo Grieco (May 09)