« List of all CVEs

CVE-2016-4472

Published: 6/30/2016 Last updated: 8/6/2024 Reserved: 5/2/2016

The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (11)

conf-expat conf-gtk2 conf-gtk3 conf-python-2-7 conf-python-2-7-dev conf-python-3 conf-python-3-7 conf-python-3-dev ocaml-expat py termbox

Products affected (1)

Product Vendor Version
n/a n/a 2012 R2

References (14)