Vulnerability Details : CVE-2016-0718
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Vulnerability category: OverflowExecute codeDenial of service
Threat overview for CVE-2016-0718
Top countries where our scanners detected CVE-2016-0718
Top open port discovered on systems with this issue
80
IPs affected by CVE-2016-0718 39,490
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2016-0718!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2016-0718
Probability of exploitation activity in the next 30 days: 0.41%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 70 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2016-0718
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
nvd@nist.gov |
|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
nvd@nist.gov |
CWE ids for CVE-2016-0718
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-0718
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html
[security-announce] SUSE-SU-2016:1508-1: important: Security update forThird Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1296102
1296102 – (CVE-2016-0718) CVE-2016-0718 expat: Out-of-bounds heap read on crafted input causing crashIssue Tracking;Third Party Advisory
-
https://support.apple.com/HT206903
About the security content of OS X El Capitan v10.11.6 and Security Update 2016-004 - Apple SupportThird Party Advisory
-
http://www.securitytracker.com/id/1036348
Apple macOS/OS X Multiple Flaws Let Remote and Local Users Deny Service, Obtain Potentially Sensitive Information, and Execute Arbitrary Code - SecurityTrackerThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html
[security-announce] openSUSE-SU-2016:2026-1: important: Security updateThird Party Advisory
-
https://security.gentoo.org/glsa/201701-21
Expat: Multiple vulnerabilities (GLSA 201701-21) — Gentoo securityThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2016-2824.html
RHSA-2016:2824 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1236923
1236923 - (CVE-2016-0718) Heap read out-of-bound and crash in expat 2.1.0Issue Tracking;Third Party Advisory
-
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
Oracle Solaris Bulletin - July 2016Third Party Advisory
-
https://www.tenable.com/security/tns-2016-20
[R3] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities - Security Advisory | Tenable®Third Party Advisory
-
http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
Apple - Lists.apple.comMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html
[security-announce] openSUSE-SU-2016:1523-1: important: Security updateThird Party Advisory
-
http://www.securitytracker.com/id/1036415
Tenable Nessus Buffer Overflow in Expat Library Lets Remote Authenticated Users Execute Arbitrary Code - SecurityTrackerThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html
[security-announce] SUSE-SU-2016:1512-1: important: Security update forThird Party Advisory
-
http://www.ubuntu.com/usn/USN-2983-1
USN-2983-1: Expat vulnerability | Ubuntu security noticesThird Party Advisory
-
http://www.securityfocus.com/bid/90729
Expat CVE-2016-0718 Buffer Overflow VulnerabilityThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html
[security-announce] openSUSE-SU-2016:1964-1: important: Security updateThird Party Advisory
-
http://www.securitytracker.com/id/1037705
IBM Security Network Protection Buffer Overflow in Expat Library Lets Remote Users Execute Arbitrary Code - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.mozilla.org/security/announce/2016/mfsa2016-68.html
Out-of-bounds read during XML parsing in Expat library — MozillaThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html
[security-announce] openSUSE-SU-2016:1441-1: important: Security updateThird Party Advisory
-
http://www.ubuntu.com/usn/USN-3044-1
USN-3044-1: Firefox vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
CPU July 2018Patch;Third Party Advisory
-
http://packetstormsecurity.com/files/141350/ESET-Endpoint-Antivirus-6-Remote-Code-Execution.html
ESET Endpoint Antivirus 6 Remote Code Execution ≈ Packet StormThird Party Advisory;VDB Entry
-
https://source.android.com/security/bulletin/2016-11-01.html
Android Security Bulletin—November 2016 | Android Open Source ProjectThird Party Advisory
-
http://seclists.org/fulldisclosure/2017/Feb/68
Full Disclosure: CVE-2016-9892 - Remote Code Execution as Root via ESET Endpoint Antivirus 6Mailing List;Third Party Advisory
-
http://www.debian.org/security/2016/dsa-3582
Debian -- Security Information -- DSA-3582-1 expatThird Party Advisory
-
http://support.eset.com/ca6333/
Remote execution and privilege escalation vulnerabilities in ESET products for macOS fixed—ESET KnowledgebaseThird Party Advisory
-
http://www.openwall.com/lists/oss-security/2016/05/17/12
oss-security - CVE-2016-0718: Expat XML Parser Crashes on Malformed InputMailing List;Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:2486
RHSA-2018:2486 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://kc.mcafee.com/corporate/index?page=content&id=SB10365
Security Bulletin - Policy Auditor update fixes multiple vulnerabilities in third-party libraries (CVE-2016-0718, CVE-2016-4472, CVE-2016-5300, CVE-2017-17740, CVE-2017-9287, CVE-2019-13057, CVE-2020-Third Party Advisory
Products affected by CVE-2016-0718
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*
- cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*
- cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*
- cpe:2.3:a:mcafee:policy_auditor:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
- cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*