CVE-2016-0718

CRITICAL

Expat - Buffer Overflow

Title source: llm

Description

Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.

References (30)

... and 10 more

Scores

CVSS v3 9.8
EPSS 0.0283
EPSS Percentile 86.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-119
Status draft

Affected Products (22)

mozilla/firefox < 48.0
apple/mac_os_x < 10.11.5
suse/linux_enterprise_debuginfo
suse/studio_onsite
suse/linux_enterprise_server
suse/linux_enterprise_software_development_kit
opensuse/leap
suse/linux_enterprise_desktop
suse/linux_enterprise_desktop
suse/linux_enterprise_server
suse/linux_enterprise_server
suse/linux_enterprise_software_development_kit
suse/linux_enterprise_software_development_kit
canonical/ubuntu_linux
canonical/ubuntu_linux
... and 7 more

Timeline

Published May 26, 2016
Tracked Since Feb 18, 2026