CVE-2016-4472 — HIGH (8.1) — White Hats Nepal

Q: How severe is CVE-2016-4472?

CVE-2016-4472 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2016-4472?

Check the references section above for vendor advisories and patch information. Affected products include: Libexpat Project Libexpat, Canonical Ubuntu Linux, Mcafee Policy Auditor, Python Python.

Vulnerability Description

The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716.

CVSS Score

8.1

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Libexpat Project	Libexpat	<= 2.1.1
Canonical	Ubuntu Linux	12.04
Mcafee	Policy Auditor	< 6.5.1
Python	Python	>= 2.7.0, < 2.7.15

Related Weaknesses (CWE)

CWE-119

References

http://www.securityfocus.com/bid/91528Third Party AdvisoryVDB Entry
http://www.ubuntu.com/usn/USN-3013-1Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1344251Issue TrackingPatchThird Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10365Third Party Advisory
https://security.gentoo.org/glsa/201701-21Third Party Advisory
https://sourceforge.net/p/expat/code_git/ci/f0bec73b018caa07d3e75ec8dd967f3785d7PatchThird Party Advisory
https://www.tenable.com/security/tns-2016-20Third Party Advisory
http://www.securityfocus.com/bid/91528Third Party AdvisoryVDB Entry
http://www.ubuntu.com/usn/USN-3013-1Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1344251Issue TrackingPatchThird Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10365Third Party Advisory
https://security.gentoo.org/glsa/201701-21Third Party Advisory
https://sourceforge.net/p/expat/code_git/ci/f0bec73b018caa07d3e75ec8dd967f3785d7PatchThird Party Advisory
https://www.tenable.com/security/tns-2016-20Third Party Advisory

FAQ

What is CVE-2016-4472?

CVE-2016-4472 is a vulnerability with a CVSS score of 8.1 (HIGH). The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via c...

How severe is CVE-2016-4472?

CVE-2016-4472 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-4472?

Check the references section above for vendor advisories and patch information. Affected products include: Libexpat Project Libexpat, Canonical Ubuntu Linux, Mcafee Policy Auditor, Python Python.