ELSA-2015-1193 -- Oracle xerces-cID: oval:org.secpod.oval:def:1501053 | Date: (C)2015-07-02 (M)2023-02-13 |
Class: PATCH | Family: unix |
Xerces-C is a validating XML parser written in a portable subset of C++. A flaw was found in the way the Xerces-C XML parser processed certain XML documents. A remote attacker could provide specially crafted XML input that, when parsed by an application using Xerces-C, would cause that application to crash. All xerces-c users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.