[arch-security] [ASA-201606-22] xerces-c: arbitrary code execution
Arch Linux Security Advisory ASA-201606-22
==========================================

Severity: Critical
Date    : 2016-06-25
CVE-ID  : CVE-2016-2099
Package : xerces-c
Type    : arbitrary code execution
Remote  : Yes
Link    : https://wiki.archlinux.org/index.php/CVE

Summary
=======

The package xerces-c before version 3.1.3-2 is vulnerable to arbitrary code
execution.

Resolution
==========

Upgrade to 3.1.3-2.

# pacman -Syu "xerces-c>=3.1.3-2"

The problem has been fixed upstream (XERCESC-2066); the upstream fix is
applied on top of 3.1.3 in the 3.1.3-2 package.

Workaround
==========

None.

Description
===========

The DTDScanner does not account for the fact that peeking at characters
through the XMLReader class can throw an exception when an invalid character
is encountered. The exception unwinds across stack frames in an unsafe way,
and a higher-level exception handler then accesses an object that has already
been freed.

Impact
======

A remote attacker might be able to cause a denial of service or execute
arbitrary code on the affected host by submitting a crafted DTD file.

References
==========

https://bugs.archlinux.org/task/49353
https://issues.apache.org/jira/browse/XERCESC-2066
http://www.openwall.com/lists/oss-security/2016/05/09/7
https://access.redhat.com/security/cve/CVE-2016-2099
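The bug class described above, as an added illustration in C++. This is not xerces-c code and does not reproduce the actual DTDScanner/XMLReader logic; the `Reader`, `ReaderMgr`, `scanEntityText` and `scanDtd*` names are invented. It shows a peek that throws after the frame below has already destroyed the reader it was using, a handler that reads the freed object (the vulnerable shape), and a handler that re-acquires the current reader from its owner instead (the hardened shape).

```cpp
// Added illustration, not xerces-c code: an exception thrown while peeking
// unwinds through a frame that has already freed the reader it was using, and
// the caller's handler then touches the freed object. All names are invented.
#include <cstddef>
#include <memory>
#include <stdexcept>
#include <string>
#include <utility>
#include <vector>

struct InvalidChar : std::runtime_error {
    using std::runtime_error::runtime_error;
};

// Minimal input reader. peek() throws on a C0 control character other than
// whitespace, standing in for an XML reader rejecting a character the
// grammar does not allow.
class Reader {
public:
    explicit Reader(std::string data) : data_(std::move(data)) {}
    char peek() const {
        if (pos_ >= data_.size()) return '\0';
        unsigned char c = static_cast<unsigned char>(data_[pos_]);
        if (c < 0x20 && c != '\t' && c != '\n' && c != '\r')
            throw InvalidChar("invalid character");
        return data_[pos_];
    }
    void skip() { if (pos_ < data_.size()) ++pos_; }
    std::size_t pos() const { return pos_; }
private:
    std::string data_;
    std::size_t pos_ = 0;
};

// Owns a stack of readers. popReader() destroys the top reader, so every raw
// pointer to it held elsewhere dangles from that point on.
class ReaderMgr {
public:
    void pushReader(std::string data) {
        stack_.push_back(std::make_unique<Reader>(std::move(data)));
    }
    void popReader() { if (!stack_.empty()) stack_.pop_back(); }
    Reader* current() { return stack_.empty() ? nullptr : stack_.back().get(); }
private:
    std::vector<std::unique_ptr<Reader>> stack_;
};

// Consumes the text of one (hypothetical) entity that lives in its own reader,
// pops that reader, then peeks at the enclosing input. The peek can throw, and
// by then the pop has already destroyed the entity reader.
void scanEntityText(ReaderMgr& mgr) {
    Reader* entity = mgr.current();
    while (entity->peek() != '\0') entity->skip();
    mgr.popReader();                                    // entity is now dangling
    if (Reader* outer = mgr.current()) outer->peek();   // may throw InvalidChar
}

struct ScanResult { bool ok; std::size_t errorPos; };

// Vulnerable shape: the caller caches a raw pointer to the entity reader and
// the handler reads the error position from it after it has been freed. That
// is undefined behaviour (ASan reports heap-use-after-free). Left uncalled.
ScanResult scanDtdVulnerable(ReaderMgr& mgr, std::string entityText) {
    mgr.pushReader(std::move(entityText));
    Reader* entityReader = mgr.current();
    try {
        scanEntityText(mgr);
        return {true, 0};
    } catch (const InvalidChar&) {
        return {false, entityReader->pos()};            // use-after-free
    }
}

// Hardened shape: hold no raw pointer across a call that can pop and throw;
// re-acquire the current reader from its owner in the handler and accept that
// there may be none left.
ScanResult scanDtdFixed(ReaderMgr& mgr, std::string entityText) {
    mgr.pushReader(std::move(entityText));
    try {
        scanEntityText(mgr);
        return {true, 0};
    } catch (const InvalidChar&) {
        Reader* cur = mgr.current();
        return {false, cur ? cur->pos() : std::string::npos};
    }
}

// Driver over constructed input: enclosing text positioned at outerPos, then
// the entity text. runFixed("ab\x01", 2, "xyz") reports an error at offset 2
// of the enclosing input without touching the popped entity reader.
ScanResult runFixed(const std::string& outer, std::size_t outerPos, std::string entity) {
    ReaderMgr mgr;
    mgr.pushReader(outer);
    for (std::size_t i = 0; i < outerPos; ++i) mgr.current()->skip();
    return scanDtdFixed(mgr, std::move(entity));
}
```

The point of the hardened variant is not the null check itself but the ownership discipline: anything that can unwind past a frame which releases an object must leave the handler with no way to reach that object except through its owner. Swapping `runFixed` to call `scanDtdVulnerable` and building with `-fsanitize=address` shows the freed read the advisory describes.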
participants (1)
-
Remi Gacogne