Description
The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716.
Remediation
References
Related Vulnerabilities
WordPress Plugin SVG Support Cross-Site Scripting (2.4.2)
WordPress Plugin HyperComments Arbitrary File Deletion (1.2.2)
Oracle Application Server Other Vulnerability (CVE-2000-1236)
WordPress Plugin CM Answers Cross-Site Scripting (2.6.1)
WordPress Plugin Wordfence Security-Firewall & Malware Scan Multiple Vulnerabilities (5.2.3)