CVE-2016-0718

CVSS v3.1 9.8 (Critical)

CVSS v2.0 7.5 (High)

EPSS 0.81 % (82^th)

Affected Products 14

Advisories 25

Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.

Weaknesses

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

Related CVEs

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2016-05-26 16:59:00
(8 years ago)
Updated Date: 2023-02-12 23:15:50
(19 months ago)

Affected Products

Opensuse

Python

Python

Suse

Configuration #1

		CPE23	From	Up To
	Mozilla Firefox prior 48.0 version	cpe:2.3:a:mozilla:firefox		< 48.0

Configuration #2

		CPE23	From	Up To
	Apple Mac Os X from 10.11.0 version and 10.11.5 and prior versions	cpe:2.3:o:apple:mac_os_x	>= 10.11.0	<= 10.11.5

Configuration #3

		CPE23	From	Up To
	Suse Linux Enterprise Debuginfo 11 SP4	cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4
	Suse Studio Onsite 1.3	cpe:2.3:a:suse:studio_onsite:1.3
	Suse Linux Enterprise Server 11 SP4	cpe:2.3:o:suse:linux_enterprise_server:11:sp4
	Suse Linux Enterprise Software Development Kit 11 SP4	cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4

Configuration #4

		CPE23	From	Up To
	Opensuse Leap 42.1	cpe:2.3:o:opensuse:leap:42.1

Configuration #5

		CPE23	From	Up To
	Suse Linux Enterprise Desktop 12	cpe:2.3:o:suse:linux_enterprise_desktop:12:-
	Suse Linux Enterprise Desktop 12 SP1	cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1
	Suse Linux Enterprise Server 12	cpe:2.3:o:suse:linux_enterprise_server:12:-
	Suse Linux Enterprise Server 12 SP1	cpe:2.3:o:suse:linux_enterprise_server:12:sp1
	Suse Linux Enterprise Software Development Kit 12	cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-
	Suse Linux Enterprise Software Development Kit 12 SP1	cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1

Configuration #6

		CPE23	From	Up To
	Canonical Ubuntu Linux 12.04	cpe:2.3:o:canonical:ubuntu_linux:12.04:::*:lts
	Canonical Ubuntu Linux 14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04:::*:lts
	Canonical Ubuntu Linux 16.04	cpe:2.3:o:canonical:ubuntu_linux:16.04:::*:lts

Configuration #7

		CPE23	From	Up To
	Libexpat Project Libexpat prior 2.2.0 version	cpe:2.3:a:libexpat_project:libexpat		< 2.2.0

Configuration #8

		CPE23	From	Up To
	Debian Linux 8.0	cpe:2.3:o:debian:debian_linux:8.0

Configuration #9

		CPE23	From	Up To
	Opensuse 13.1	cpe:2.3:o:opensuse:opensuse:13.1
	Opensuse 13.2	cpe:2.3:o:opensuse:opensuse:13.2

Configuration #10

		CPE23	From	Up To
	Mcafee Policy Auditor prior 6.5.1 version	cpe:2.3:a:mcafee:policy_auditor		< 6.5.1

Configuration #11

	CPE23	From	Up To
Python from 2.7.0 version and prior 2.7.15 version	cpe:2.3:a:python:python	>= 2.7.0	< 2.7.15
Python from 3.3.0 version and prior 3.3.7 version	cpe:2.3:a:python:python	>= 3.3.0	< 3.3.7
Python from 3.4.0 version and prior 3.4.7 version	cpe:2.3:a:python:python	>= 3.4.0	< 3.4.7
Python from 3.5.0 version and prior 3.5.4 version	cpe:2.3:a:python:python	>= 3.5.0	< 3.5.4
Python from 3.6.0 version and prior 3.6.2 version	cpe:2.3:a:python:python	>= 3.6.0	< 3.6.2