CVE-2023-37536

An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:xerces-c\+\+:3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

History

01 Aug 2024, 13:44

Type Values Removed Values Added
CWE CWE-680

31 Dec 2023, 14:15

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2023/12/msg00027.html -

31 Dec 2023, 04:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-10-11 07:15

Updated : 2024-08-01 13:44


NVD link : CVE-2023-37536

Mitre link : CVE-2023-37536

CVE.ORG link : CVE-2023-37536


JSON object : View

Products Affected

apache

  • xerces-c\+\+

fedoraproject

  • fedora

hcltech

  • bigfix_platform
CWE
CWE-190

Integer Overflow or Wraparound

CWE-680

Integer Overflow to Buffer Overflow