Description
The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716.
Remediation
References
Related Vulnerabilities
MySQL CVE-2022-21378 Vulnerability (CVE-2022-21378)
OpenSSL Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1473)
Oracle HTTP Server Other Vulnerability (CVE-1999-1068)
WordPress Plugin Clone Information Disclosure (2.4.2)
WordPress Plugin YouTube Cross-Site Request Forgery (11.8.1)