CVE-2018-1311

HIGH

Apache Xerces-c++ < 3.2.5 - Use After Free

Title source: rule

Description

The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable.

Exploits (1)

nomisec STUB
by johnjamesmccann · poc
https://github.com/johnjamesmccann/xerces-3.2.3-DTD-hotfix

References (15)

Core References

Third Party Advisory (vendor-advisory): https://access.redhat.com/errata/RHSA-2020:0704
Third Party Advisory (vendor-advisory): https://access.redhat.com/errata/RHSA-2020:0702
Mailing List, Third Party Advisory (mailing-list): https://lists.debian.org/debian-lts-announce/2020/12/msg00025.html
Third Party Advisory (vendor-advisory): https://www.debian.org/security/2020/dsa-4814
Mailing List, Third Party Advisory (mailing-list): https://lists.debian.org/debian-lts-announce/2023/12/msg00027.html
Mailing List, Third Party Advisory (mailing-list): http://www.openwall.com/lists/oss-security/2024/02/16/1

Scores

CVSS v3 8.1
EPSS 0.0417
EPSS Percentile 88.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-416
Status published
Products (15)
apache/xerces-c++ 3.0.0 - 3.2.5
debian/debian_linux 9.0
debian/debian_linux 10.0
fedoraproject/fedora 38
fedoraproject/fedora 39
oracle/goldengate < 21.4.0.0.0
redhat/enterprise_linux_desktop 6.0
redhat/enterprise_linux_desktop 7.0
redhat/enterprise_linux_eus 7.7
redhat/enterprise_linux_server 6.0
... and 5 more
Published Dec 18, 2019
Tracked Since Feb 18, 2026