VDB
GCVE-110-MAGEIA-2013-193
GCVE-110-MAGEIA-2013-193
Advisory Published
The implementation of XML digital signatures in the Santuario-C++ library
is vulnerable to a spoofing issue allowing an attacker to reuse existing
signatures with arbitrary content (CVE-2013-2153).
A stack overflow, possibly leading to arbitrary code execution, exists in
the processing of malformed XPointer expressions in the XML Signature
Reference processing code (CVE-2013-2154).
A bug in the processing of the output length of an HMAC-based XML
Signature would cause a denial of service when processing specially chosen
input (CVE-2013-2155).
A heap overflow exists in the processing of the PrefixList attribute
optionally used in conjunction with Exclusive Canonicalization, potentially
allowing arbitrary code execution (CVE-2013-2156).
The attempted fix to address CVE-2013-2154 introduced the possibility of a
heap overflow, possibly leading to arbitrary code execution, in the
processing of malformed XPointer expressions in the XML Signature Reference
processing code (CVE-2013-2210).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | xml-security-c | 0 (affected), 1.6.1-1.2.mga2 (unaffected) | — |
| Mageia | xml-security-c | 0 (affected), 1.7.0-2.2.mga3 (unaffected) | — |
References
Browse GCVE Records
73,443 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.