CVE-2015-1283 PUBLISHED

Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.

EPSS 0.52% · 66.7th percentile

Affected Products

| Vendor | Product | Versions |
|---|---|---|
| Salesforce | flow | |
| Ubuntu:25.10 | xmlrpc-c | 1.59.03-10.1, 0, 1.59.03-7 |
| Ubuntu:16.04:LTS | cableswig | 0.1.0+git20150808-1, 0.1.0+git20150808-2, 0 |
| Ubuntu:18.04:LTS | xmlrpc-c | 0, 1.33.14-8, 1.33.14-8build1 |
| Ubuntu:25.10 | matanza | 0.13+ds2-2, 0 |
| Ubuntu:20.04:LTS | matanza | 0.13+ds2-1, 0.13+ds1-6, 0 |
| Ubuntu:Pro:22.04:LTS | libxmltok | 1.2-4ubuntu0.22.04.1~esm1, 0, 1.2-4 |
| Ubuntu:Pro:20.04:LTS | libxmltok | 1.2-4ubuntu0.20.04.1~esm3, 1.2-4ubuntu0.20.04.1~esm1, 1.2-4 |
| Ubuntu:14.04:LTS | chromium-browser | 37.0.2062.120-0ubuntu0.14.04.1~pkg1049, 39.0.2171.65-0ubuntu0.14.04.1.1064, 40.0.2214.94-0ubuntu0.14.04.1.1068 |
| Ubuntu:25.10 | cadaver | 0, 0.26+dfsg-2 |
| Ubuntu:22.04:LTS | xmlrpc-c | 1.33.14-10, 1.33.14-9, 0 |
| Ubuntu:20.04:LTS | coin3 | 0, 4.0.0~CMake~6f54f1602475+ds1-3, 4.0.0+ds-1build1 |
| Ubuntu:20.04:LTS | xmlrpc-c | 0, 1.33.14-8build2, 1.33.14-8build1 |
| Ubuntu:20.04:LTS | cadaver | 0, 0.23.3-2.1build1 |
| Ubuntu:16.04:LTS | swish-e | 2.4.7-4build1, 2.4.7-4, 0 |
| Ubuntu:18.04:LTS | vnc4 | 0, 4.1.1+xorg4.3.0-37.3ubuntu2 |
| Ubuntu:16.04:LTS | matanza | 0.13+ds1-5, 0 |
| Ubuntu:24.04:LTS | xmlrpc-c | 1.33.14-12, 1.33.14-12build1, 1.33.14-12build2 |
| Ubuntu:Pro:14.04:LTS | vnc4 | 0, 4.1.1+xorg4.3.0-37ubuntu5, 4.1.1+xorg4.3.0-37ubuntu5.0.2 |
| Ubuntu:22.04:LTS | matanza | 0, 0.13+ds2-1 |

…and 28 more
