CVE-2018-1311: Apache Xerces-C use-after-free vulnerability processing external DTD
Severity: High
Vendor: The Apache Software Foundation
Versions Affected: Apache Xerces-C XML Parser library (all known versions)
Description: The Xerces-C XML parser contains a use-after-free error
triggered during the scanning of external DTDs.
The bug allows for a denial of service attack in applications that process
external DTDs and do not block their use, and could conceivably result in
remote code execution if the heap were groomed.
Mitigation: This flaw has not been addressed in the maintained version
of the library and has no current mitigation other than to disable DTD
processing. This can be accomplished via the DOM using a standard parser
feature, or via SAX using the XERCES_DISABLE_DTD environment variable.
Applications should strongly consider blocking remote entity resolution
and/or disabling DTD processing in light of the continued identification
of bugs in this area of the library.
Credit: This issue was reported by the UK's National Cyber Security
Centre (NCSC).
References:
http://xerces.apache.org/xerces-c/secadv/CVE-2018-1311.txt