CVE-2018-1311: Use After Free

Published Dec 18, 2019
·
Updated

Apache Xerces-C could allow a remote attacker to execute arbitrary code on the system, caused by an use-after-free error during the scanning of external DTDs. By sending a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.

Other sources

The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCESDISABLEDTD environment variable.

Ubuntu

XML parser contains a use-after-free error triggered during the scanning of external DTDs. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCESDISABLEDTD environment variable.

External References:

https://marc.info/?l=xerces-c-users&m=157653840106914&w=2

Red Hat

Affected Software

29 affected componentsFixes available
debian/xerces-c<=3.1.4+debian-2+deb9u1, <=3.2.2+debian-1, <=3.1.4+debian-1
redhat/xerces-c<3.2.3
3.2.3
ubuntu/xerces-c<3.2.0+
3.2.0+
ubuntu/xerces-c<3.2.2+
3.2.2+
ubuntu/xerces-c<3.2.3+
3.2.3+
ubuntu/xerces-c<3.2.4+
3.2.4+
ubuntu/xerces-c<3.2.4+
3.2.4+
ubuntu/xerces-c<3.1.1-5.1+
3.1.1-5.1+
ubuntu/xerces-c<3.2.5, <3.2.4+
3.2.53.2.4+
ubuntu/xerces-c<3.1.3+
3.1.3+
debian/xerces-c
3.2.2+debian-1+deb10u13.2.2+debian-1+deb10u23.2.3+debian-3+deb11u13.2.4+debian-13.2.4+debian-1.3
IBM QRadar SIEM<=7.5 - 7.5.0 UP9 IF03
IBM QRadar Incident Forensics<=7.5 - 7.5.0 UP9 IF03
Apache Xerces-c\+\+>=3.0.0<3.2.5
redhat Enterprise Linux Desktop=6.0
redhat Enterprise Linux Desktop=7.0
redhat Enterprise Linux Eus=7.7
redhat Enterprise Linux Server=6.0
redhat Enterprise Linux Server=7.0
redhat Enterprise Linux Server Aus=7.7
redhat Enterprise Linux Server Tus=7.7
redhat Enterprise Linux Workstation=6.0
redhat Enterprise Linux Workstation=7.0
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Oracle GoldenGate<21.4.0.0.0
Fedoraproject Fedora=38
Fedoraproject Fedora=39
Apache Xerces-c\+\+>=3.0.0<=3.2.3

Remediation

Patch Available

https://www.oracle.com/security-alerts/cpujan2022.html

Patch Available

https://github.com/apache/xerces-c/commit/b38ab79e934b9c27de191ee7af6926c7af42069d

Patch Available

https://github.com/apache/xerces-c/commit/e0024267504188e42ace4dd9031d936786914835

Event History

Dec 18, 2019
CVE Published
via MITRE·12:00 AM
Data Sourced
via MITRE·12:00 AM
DescriptionWeakness
Data Sourced
via NVD·08:15 PM
RemedyDescriptionSeverityWeaknessAffected Software
Feb 28, 2024
Data Sourced
via Launchpad·11:18 PM
Description
Oct 17, 2024
Data Sourced
via IBM·12:00 AM
DescriptionAffected Software

Parent advisories

This vulnerability appears in the following advisories.

Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is CVE-2018-1311?

CVE-2018-1311 is a vulnerability in the Apache Xerces-C XML parser that could allow a remote attacker to execute arbitrary code on the system.

2

How severe is CVE-2018-1311?

CVE-2018-1311 has a severity rating of 9.8 out of 10, which is classified as critical.

3

What is the root cause of CVE-2018-1311?

The root cause of CVE-2018-1311 is a use-after-free error triggered during the scanning of external Document Type Definitions (DTDs) in the Apache Xerces-C XML parser.

4

Is there a fix available for CVE-2018-1311?

At the time of writing, there is no fix available for CVE-2018-1311 in the maintained version of the Apache Xerces-C library. However, disabling DTD processing can mitigate the vulnerability.

5

How can I mitigate CVE-2018-1311?

To mitigate CVE-2018-1311, you can disable DTD processing in the Apache Xerces-C XML parser.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203