CVE-2016-0718
Summary
| CVE | CVE-2016-0718 |
|---|---|
| State | PUBLISHED |
| Assigner | redhat |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2016-05-26 16:59:00 UTC |
| Updated | 2026-05-06 22:30:45 UTC |
| Description | Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow. |
Risk And Classification
Primary CVSS: v3.1 9.8 CRITICAL from [email protected]
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Problem Types: CWE-119 | n/a
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | [email protected] | Primary | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| 2.0 | [email protected] | Primary | 7.5 | AV:N/AC:L/Au:N/C:P/I:P/A:P |
CVSS v3.1 Breakdown
Attack Vector
NetworkAttack Complexity
LowPrivileges Required
NoneUser Interaction
NoneScope
UnchangedConfidentiality
HighIntegrity
HighAvailability
HighCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
PartialIntegrity
PartialAvailability
PartialAV:N/AC:L/Au:N/C:P/I:P/A:P
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Apple | Mac Os X | All | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 12.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
| Operating System | Debian | Debian Linux | 8.0 | All | All | All |
| Application | Libexpat Project | Libexpat | All | All | All | All |
| Application | Mcafee | Policy Auditor | All | All | All | All |
| Application | Mozilla | Firefox | All | All | All | All |
| Operating System | Opensuse | Leap | 42.1 | All | All | All |
| Operating System | Opensuse | Opensuse | 13.1 | All | All | All |
| Operating System | Opensuse | Opensuse | 13.2 | All | All | All |
| Application | Python | Python | All | All | All | All |
| Application | Suse | Linux Enterprise Debuginfo | 11 | sp4 | All | All |
| Operating System | Suse | Linux Enterprise Desktop | 12 | - | All | All |
| Operating System | Suse | Linux Enterprise Desktop | 12 | sp1 | All | All |
| Operating System | Suse | Linux Enterprise Server | 11 | sp4 | All | All |
| Operating System | Suse | Linux Enterprise Server | 12 | - | All | All |
| Operating System | Suse | Linux Enterprise Server | 12 | sp1 | All | All |
| Operating System | Suse | Linux Enterprise Software Development Kit | 11 | sp4 | All | All |
| Operating System | Suse | Linux Enterprise Software Development Kit | 12 | - | All | All |
| Operating System | Suse | Linux Enterprise Software Development Kit | 12 | sp1 | All | All |
| Application | Suse | Studio Onsite | 1.3 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Remote execution and privilege escalation vulnerabilities in ESET products for macOS fixed—ESET Knowledgebase | af854a3a-2127-422b-91ae-364da2661108 | support.eset.com | Third Party Advisory |
| [security-announce] SUSE-SU-2016:1508-1: important: Security update for | af854a3a-2127-422b-91ae-364da2661108 | lists.opensuse.org | Third Party Advisory |
| Expat: Multiple vulnerabilities (GLSA 201701-21) — Gentoo Security | af854a3a-2127-422b-91ae-364da2661108 | security.gentoo.org | Third Party Advisory |
| Bug 1296102 – CVE-2016-0718 expat: Out-of-bounds heap read on crafted input causing crash | af854a3a-2127-422b-91ae-364da2661108 | bugzilla.redhat.com | Issue Tracking, Third Party Advisory |
| Security Bulletin - Policy Auditor update fixes multiple vulnerabilities in third-party libraries (CVE-2016-0718, CVE-2016-4472, CVE-2016-5300, CVE-2017-17740, CVE-2017-9287, CVE-2019-13057, CVE-2020-15719, CVE-2019-1543, CVE-2019-1547, CVE-2019-1552, CVE-2019-1563, CVE-2019-8457, CVE-2018-20506, CVE-2018-20346, CVE-2019-16168, CVE-2017-12627) | af854a3a-2127-422b-91ae-364da2661108 | kc.mcafee.com | Third Party Advisory |
| Red Hat Customer Portal | af854a3a-2127-422b-91ae-364da2661108 | rhn.redhat.com | Third Party Advisory |
| IBM Security Network Protection Buffer Overflow in Expat Library Lets Remote Users Execute Arbitrary Code - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | Third Party Advisory, VDB Entry |
| [security-announce] openSUSE-SU-2016:1964-1: important: Security update | af854a3a-2127-422b-91ae-364da2661108 | lists.opensuse.org | Third Party Advisory |
| [security-announce] openSUSE-SU-2016:1441-1: important: Security update | af854a3a-2127-422b-91ae-364da2661108 | lists.opensuse.org | Third Party Advisory |
| Full Disclosure: CVE-2016-9892 - Remote Code Execution as Root via ESET Endpoint Antivirus 6 | af854a3a-2127-422b-91ae-364da2661108 | seclists.org | Mailing List, Third Party Advisory |
| USN-2983-1: Expat vulnerability | Ubuntu | af854a3a-2127-422b-91ae-364da2661108 | www.ubuntu.com | Third Party Advisory |
| [security-announce] openSUSE-SU-2016:2026-1: important: Security update | af854a3a-2127-422b-91ae-364da2661108 | lists.opensuse.org | Third Party Advisory |
| Android Security Bulletin—November 2016 | Android Open Source Project | af854a3a-2127-422b-91ae-364da2661108 | source.android.com | Third Party Advisory |
| Tenable Nessus Buffer Overflow in Expat Library Lets Remote Authenticated Users Execute Arbitrary Code - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | Third Party Advisory, VDB Entry |
| USN-3044-1: Firefox vulnerabilities | Ubuntu | af854a3a-2127-422b-91ae-364da2661108 | www.ubuntu.com | Third Party Advisory |
| Red Hat Customer Portal | af854a3a-2127-422b-91ae-364da2661108 | access.redhat.com | Third Party Advisory |
| Debian -- Security Information -- DSA-3582-1 expat | af854a3a-2127-422b-91ae-364da2661108 | www.debian.org | Third Party Advisory |
| 1236923 - (CVE-2016-0718) Heap read out-of-bound and crash in expat 2.1.0 | af854a3a-2127-422b-91ae-364da2661108 | bugzilla.mozilla.org | Issue Tracking, Third Party Advisory |
| oss-security - CVE-2016-0718: Expat XML Parser Crashes on Malformed Input | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List, Third Party Advisory |
| Out-of-bounds read during XML parsing in Expat library — Mozilla | af854a3a-2127-422b-91ae-364da2661108 | www.mozilla.org | Third Party Advisory |
| Oracle Solaris Bulletin - July 2016 | af854a3a-2127-422b-91ae-364da2661108 | www.oracle.com | Third Party Advisory |
| Expat CVE-2016-0718 Buffer Overflow Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Third Party Advisory, VDB Entry |
| [security-announce] openSUSE-SU-2016:1523-1: important: Security update | af854a3a-2127-422b-91ae-364da2661108 | lists.opensuse.org | Third Party Advisory |
| ESET Endpoint Antivirus 6 Remote Code Execution ≈ Packet Storm | af854a3a-2127-422b-91ae-364da2661108 | packetstormsecurity.com | Third Party Advisory, VDB Entry |
| CPU July 2018 | af854a3a-2127-422b-91ae-364da2661108 | www.oracle.com | Patch, Third Party Advisory |
| [R2] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities - Security Advisory | Tenable Network Security | af854a3a-2127-422b-91ae-364da2661108 | www.tenable.com | Third Party Advisory |
| About the security content of OS X El Capitan v10.11.6 and Security Update 2016-004 - Apple Support | af854a3a-2127-422b-91ae-364da2661108 | support.apple.com | Third Party Advisory |
| Apple macOS/OS X Multiple Flaws Let Remote and Local Users Deny Service, Obtain Potentially Sensitive Information, and Execute Arbitrary Code - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | Third Party Advisory, VDB Entry |
| [security-announce] SUSE-SU-2016:1512-1: important: Security update for | af854a3a-2127-422b-91ae-364da2661108 | lists.opensuse.org | Third Party Advisory |
| APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004 | af854a3a-2127-422b-91ae-364da2661108 | lists.apple.com | Mailing List, Third Party Advisory |
| Red Hat Customer Portal | MITRE | access.redhat.com | |
| CVE-2016-0718 - Red Hat Customer Portal | MITRE | access.redhat.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 710322 Gentoo Linux Expat Multiple Vulnerabilities (GLSA 201701-21)