Oval Definition:	oval:com.ubuntu.disco:def:201620990000000
Revision Date: 2016-05-13 Version: 1 Title: CVE-2016-2099 on Ubuntu 19.04 (disco) - medium. Description: Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document. It was discovered that Xerces-C XML Parser mishandles certain kinds of external DTD references, resulting in a user-after-free. An attacker could use this vulnerability to cause a denial of service (crash) or possibly execute arbitrary code. Family: unix Class: vulnerability Status: Reference(s): CVE-2016-2099 Platform(s): Ubuntu 19.04 Product(s): Definition Synopsis Ubuntu 19.04 (disco) is installed. AND xerces-c package in disco, is related to the CVE in some way and has been fixed (note: '3.1.3+debian-2').
BACK