Computer Security

Apache Santuario library buffer overflow
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Apache Santuario library buffer overflow
Published:11.07.2011
Source:BUGTRAQ
SecurityVulns ID:11773
Type:library
Level:7/10
Description:Buffer overflow on oversized key.
Affected:APACHE : Santuario 1.6
CVE:CVE-2011-2516 (Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow.)
Original documentdocumentCantor, Scott E., Security Advisory: CVE-2011-2516 (11.07.2011)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru