Уязвимость CVE-2015-1283: Информация

Описание

Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.

Важность: MEDIUM (6,8)

Исправленные пакеты

Ссылки на рекомендации, решения и инструменты

1. Подверженные конфигурации:

   1. Конфигурация 1

      cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

      End including

      43.0.2357.134

      ---

      Конфигурация 2

      cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*

      End including

      2.1.0

      ---

      Конфигурация 3

      cpe:2.3:a:python:python:*:*:*:*:*:*:*:*

      Start including

      3.3.0

      End excliding

      3.3.7

      ---

      cpe:2.3:a:python:python:*:*:*:*:*:*:*:*

      Start including

      3.5.0

      End excliding

      3.5.2

      ---

      cpe:2.3:a:python:python:*:*:*:*:*:*:*:*

      Start including

      3.4.0

      End excliding

      3.4.5

      ---

      cpe:2.3:a:python:python:*:*:*:*:*:*:*:*

      Start including

      2.7.0

      End excliding

      2.7.12

      ---

      Конфигурация 4

      cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

      ---

      cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

      ---

      cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

      ---

      Конфигурация 5

      cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*

      ---

      cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

      ---

      cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*

      ---

      Конфигурация 6

      cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*

      ---

      cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*

      ---

      cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*

      ---

      cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*

      ---

      cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*

      ---

      cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*

      ---

      cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*

      ---

      cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

      ---

      cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*

      ---

      cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*

      ---

      cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*

      ---

      Конфигурация 7

      cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

      ---

      cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*

      ---