oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2016-2099: use-after-free in Xerces 3.1.3

From: Gustavo Grieco <gustavo.grieco () gmail com>
Date: Mon, 9 May 2016 19:28:12 +0200
Hi,

We found a use-after-free in Xerces 3.1.3 parsing an xml file (also
affecting older versions). Technical details and a patch are available
here:

https://issues.apache.org/jira/browse/XERCESC-2066

Regards,
Gustavo.
Previous By Date Next
Previous By Thread Next

Current thread: