Showing 1 - 10 of 10

CVE-2013-0340

Status Candidate

Overview

expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.

Related Files

Apple Security Advisory 2021-10-26-11: Posted Oct 28, 2021; Authored by Apple | Site apple.com; Apple Security Advisory 2021-10-26-11 - tvOS 15 addresses bypass, code execution, denial of service, out of bounds read, and use-after-free vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution; systems | apple; advisories | CVE-2013-0340, CVE-2021-30808, CVE-2021-30809, CVE-2021-30810, CVE-2021-30814, CVE-2021-30818, CVE-2021-30823, CVE-2021-30831, CVE-2021-30834, CVE-2021-30835, CVE-2021-30836, CVE-2021-30837, CVE-2021-30840, CVE-2021-30841, CVE-2021-30842, CVE-2021-30843, CVE-2021-30846, CVE-2021-30847, CVE-2021-30849, CVE-2021-30850, CVE-2021-30851, CVE-2021-30852, CVE-2021-30854, CVE-2021-30857, CVE-2021-30866, CVE-2021-30884; SHA-256 | ebc2c5586dda25fcb5f1755935d9df8d22fe96d473608b04490304ef6ab1c4c2; Download | Favorite | View

Apple Security Advisory 2021-10-26-10: Posted Oct 28, 2021; Authored by Apple | Site apple.com; Apple Security Advisory 2021-10-26-10 - watchOS 8 addresses bypass, code execution, denial of service, out of bounds read, and use-after-free vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution; systems | apple; advisories | CVE-2013-0340, CVE-2021-30808, CVE-2021-30809, CVE-2021-30810, CVE-2021-30811, CVE-2021-30814, CVE-2021-30818, CVE-2021-30823, CVE-2021-30831, CVE-2021-30834, CVE-2021-30835, CVE-2021-30836, CVE-2021-30837, CVE-2021-30840, CVE-2021-30841, CVE-2021-30842, CVE-2021-30843, CVE-2021-30846, CVE-2021-30847, CVE-2021-30849, CVE-2021-30851, CVE-2021-30852, CVE-2021-30854, CVE-2021-30855, CVE-2021-30857, CVE-2021-30866; SHA-256 | c5261977f132d063b33bfb8ae7574fbc455fc4460c7118b7e500205e5c5300a6; Download | Favorite | View

Apple Security Advisory 2021-10-26-9: Posted Oct 28, 2021; Authored by Apple | Site apple.com; Apple Security Advisory 2021-10-26-9 - iOS 15 and iPadOS 15 addresses code execution, denial of service, out of bounds read, spoofing, and use-after-free vulnerabilities.; tags | advisory, denial of service, spoof, vulnerability, code execution; systems | apple, ios; advisories | CVE-2013-0340, CVE-2021-30808, CVE-2021-30809, CVE-2021-30810, CVE-2021-30811, CVE-2021-30814, CVE-2021-30815, CVE-2021-30816, CVE-2021-30818, CVE-2021-30819, CVE-2021-30825, CVE-2021-30826, CVE-2021-30831, CVE-2021-30834, CVE-2021-30835, CVE-2021-30836, CVE-2021-30837, CVE-2021-30838, CVE-2021-30840, CVE-2021-30841, CVE-2021-30842, CVE-2021-30843, CVE-2021-30846, CVE-2021-30847, CVE-2021-30848, CVE-2021-30849; SHA-256 | 58d06760b57771902a8c3f6b64d1ccec806b30ce2ef20836de59cb0ce4327904; Download | Favorite | View

Apple Security Advisory 2021-09-20-8: Posted Sep 22, 2021; Authored by Apple | Site apple.com; Apple Security Advisory 2021-09-20-8 - Security Update 2021-005 Catalina addresses buffer overflow, bypass, code execution, denial of service, integer overflow, and out of bounds read vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2013-0340, CVE-2020-29622, CVE-2021-22925, CVE-2021-30713, CVE-2021-30783, CVE-2021-30827, CVE-2021-30828, CVE-2021-30829, CVE-2021-30830, CVE-2021-30832, CVE-2021-30835, CVE-2021-30841, CVE-2021-30842, CVE-2021-30843, CVE-2021-30844, CVE-2021-30847, CVE-2021-30850, CVE-2021-30855, CVE-2021-30857, CVE-2021-30859, CVE-2021-30860, CVE-2021-30865; SHA-256 | 79bf45f74bddb8486f12ed4c29b3e71e76e1ff0dc36d435c9b6adc6c23122cc0; Download | Favorite | View

Apple Security Advisory 2021-09-20-7: Posted Sep 22, 2021; Authored by Apple | Site apple.com; Apple Security Advisory 2021-09-20-7 - macOS Big Sur 11.6 addresses buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds read, and use-after-free vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2013-0340, CVE-2021-22925, CVE-2021-30827, CVE-2021-30828, CVE-2021-30829, CVE-2021-30830, CVE-2021-30832, CVE-2021-30841, CVE-2021-30842, CVE-2021-30843, CVE-2021-30844, CVE-2021-30845, CVE-2021-30847, CVE-2021-30850, CVE-2021-30853, CVE-2021-30855, CVE-2021-30857, CVE-2021-30858, CVE-2021-30859, CVE-2021-30860, CVE-2021-30865; SHA-256 | 1b7116003ae9324faabf7c874f2002ab9bb8a2edd95f965df9b3b9f451f0674a; Download | Favorite | View

Apple Security Advisory 2021-09-20-6: Posted Sep 22, 2021; Authored by Apple | Site apple.com; Apple Security Advisory 2021-09-20-6 - iOS 14.8 and iPadOS 14.8 addresses code execution, denial of service, integer overflow, and use-after-free vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | apple, ios; advisories | CVE-2013-0340, CVE-2021-30820, CVE-2021-30841, CVE-2021-30842, CVE-2021-30843, CVE-2021-30846, CVE-2021-30848, CVE-2021-30849, CVE-2021-30855, CVE-2021-30857, CVE-2021-30858, CVE-2021-30859, CVE-2021-30860; SHA-256 | b4bb452003d59697e054354295ed98806d13ed94329af6f68cfea0ee37b1afc6; Download | Favorite | View

Apple Security Advisory 2021-09-20-3: Posted Sep 22, 2021; Authored by Apple | Site apple.com; Apple Security Advisory 2021-09-20-3 - tvOS 15 addresses code execution and denial of service vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution; systems | apple; advisories | CVE-2013-0340, CVE-2021-30810, CVE-2021-30835, CVE-2021-30837, CVE-2021-30841, CVE-2021-30842, CVE-2021-30843, CVE-2021-30846, CVE-2021-30847, CVE-2021-30849, CVE-2021-30850, CVE-2021-30851, CVE-2021-30854, CVE-2021-30857; SHA-256 | f99e4a59e3162074fd25d9c0203298f65b269e400c4ac2bfea4838990ff4d02d; Download | Favorite | View

Apple Security Advisory 2021-09-20-2: Posted Sep 22, 2021; Authored by Apple | Site apple.com; Apple Security Advisory 2021-09-20-2 - watchOS 8 addresses code execution and denial of service vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution; systems | apple; advisories | CVE-2013-0340, CVE-2021-30810, CVE-2021-30811, CVE-2021-30835, CVE-2021-30837, CVE-2021-30841, CVE-2021-30842, CVE-2021-30843, CVE-2021-30846, CVE-2021-30847, CVE-2021-30849, CVE-2021-30851, CVE-2021-30854, CVE-2021-30855, CVE-2021-30857; SHA-256 | 81cbe9c33ec00646f35a9f6941b76f9f5953d8ccc7315479e363acd9ec1d7b45; Download | Favorite | View

Apple Security Advisory 2021-09-20-1: Posted Sep 22, 2021; Authored by Apple | Site apple.com; Apple Security Advisory 2021-09-20-1 - iOS 15 and iPadOS 15 addresses code execution, denial of service, out of bounds read, and spoofing vulnerabilities.; tags | advisory, denial of service, spoof, vulnerability, code execution; systems | apple, ios; advisories | CVE-2013-0340, CVE-2021-30810, CVE-2021-30811, CVE-2021-30815, CVE-2021-30819, CVE-2021-30825, CVE-2021-30826, CVE-2021-30835, CVE-2021-30837, CVE-2021-30838, CVE-2021-30841, CVE-2021-30842, CVE-2021-30843, CVE-2021-30846, CVE-2021-30847, CVE-2021-30848, CVE-2021-30849, CVE-2021-30851, CVE-2021-30854, CVE-2021-30855, CVE-2021-30857, CVE-2021-30863; SHA-256 | ca197fe83268b6c85bafa1f728899b30b12b55a6bc3ddb2113b0de274526853e; Download | Favorite | View

Gentoo Linux Security Advisory 201701-21: Posted Jan 11, 2017; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201701-21 - Multiple vulnerabilities have been found in Expat, the worst of which may allow execution of arbitrary code. Versions less than 2.2.0-r1 are affected.; tags | advisory, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2012-6702, CVE-2013-0340, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300; SHA-256 | 73f628f33cf75bb2a7b04cf0934d009261b4c570e6e337d0bca9e29b8d571fd1; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 291 files
Ubuntu 63 files
LiquidWorm 29 files
indoushka 20 files
Debian 19 files
Apple 10 files
Google Security Research 7 files
Chokri Hammedi 3 files
Jann Horn 3 files
Emiliano Febbi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,154)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,795)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,227)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,962)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2013-0340

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems