Issue : 1058608  
 
 
 
  2017-06-15:FILE Invalid XML Version -1
 
 
 
Policy ID:
  1058608
 
Policy Type:
 

Scan

 
Attack Name:
  FILE Invalid XML Version -1
 
Attack Impact:
  Remote code execution
 
Attack Description:
 

A buffer overflow vulnerability was found in multiple products, caused by improper bounds checking of the version and encoding attributes inside the XML declaration.

 
False Positive:
 

None

 
False Negative:
 

None

 
Recommendation Action:
 

Update vendor's patch.

 
Reference:
 

CVE-2013-7260; msf

 
Severity:
 

Severe

 
OS:
 

WINDOWS_NT;

 
Support Model:
  ZyWALL USG Series/ZyWALL 1050
 
First Signature Release:
  ZLD: V3.0.3.084
 
Latest Modified Signature:
  ZLD: V3.0.3.259