cpe:/a:apache:xml_security_for_c%2b%2b:1.6.0 cpe:/a:shibboleth:shibboleth-sp:1.3.1 cpe:/a:shibboleth:shibboleth-sp:1.3.2 cpe:/a:shibboleth:shibboleth-sp:1.3.3 cpe:/a:shibboleth:shibboleth-sp:1.3.4 cpe:/a:shibboleth:shibboleth-sp:1.3.5 cpe:/a:shibboleth:shibboleth-sp:1.3f cpe:/a:shibboleth:shibboleth-sp:2.0 cpe:/a:shibboleth:shibboleth-sp:2.1 cpe:/a:shibboleth:shibboleth-sp:2.2 cpe:/a:shibboleth:shibboleth-sp:2.2.1 cpe:/a:shibboleth:shibboleth-sp:2.3 cpe:/a:shibboleth:shibboleth-sp:2.3.1 cpe:/a:shibboleth:shibboleth-sp:2.4 cpe:/a:shibboleth:shibboleth-sp:2.4.1 cpe:/a:shibboleth:shibboleth-sp:2.4.2 CVE-2011-2516 2011-07-11T16:55:01.380-04:00 2017-08-28T21:29:26.330-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2011-07-12T10:31:00.000-04:00 SECTRACK 1025755 BUGTRAQ 20110707 Security Advisory: CVE-2011-2516 SECUNIA 45151 SECUNIA 45191 SECUNIA 45198 SECUNIA 45491 BID 48611 DEBIAN DSA-2277 FEDORA FEDORA-2011-9494 FEDORA FEDORA-2011-9501 XF apache-xml-dos(68420) CONFIRM http://santuario.apache.org/secadv/CVE-2011-2516.txt CONFIRM http://shibboleth.internet2.edu/secadv/secadv_20110706.txt CONFIRM https://issues.apache.org/jira/browse/SANTUARIO-271 Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow.