{
  "threat_severity" : "Moderate",
  "public_date" : "2016-05-17T00:00:00Z",
  "bugzilla" : {
    "description" : "expat: Out-of-bounds heap read on crafted input causing crash",
    "id" : "1296102",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1296102"
  },
  "cvss" : {
    "cvss_base_score" : "6.8",
    "cvss_scoring_vector" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
    "status" : "verified"
  },
  "cwe" : "CWE-125",
  "details" : [ "Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.", "An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, possibly, execute arbitrary code with the permission of the user running the application." ],
  "acknowledgement" : "Red Hat would like to thank Gustavo Grieco for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2016-11-28T00:00:00Z",
    "advisory" : "RHSA-2016:2824",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "expat-0:2.0.1-13.el6_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2016-11-28T00:00:00Z",
    "advisory" : "RHSA-2016:2824",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "expat-0:2.1.0-10.el7_3"
  }, {
    "product_name" : "Text-Only JBCS",
    "release_date" : "2018-08-16T00:00:00Z",
    "advisory" : "RHSA-2018:2486",
    "cpe" : "cpe:/a:redhat:jboss_core_services:1",
    "package" : "httpd"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Directory Server 8",
    "fix_state" : "Under investigation",
    "package_name" : "expat",
    "cpe" : "cpe:/a:redhat:directory_server:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Will not fix",
    "package_name" : "expat",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "firefox",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "thunderbird",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Will not fix",
    "package_name" : "xmlrpc-c",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "xulrunner",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Will not fix",
    "package_name" : "compat-expat1",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "firefox",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "thunderbird",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "xulrunner",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "firefox",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "thunderbird",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "xulrunner",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat JBoss Enterprise Application Platform 6",
    "fix_state" : "Will not fix",
    "package_name" : "expat",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:6"
  }, {
    "product_name" : "Red Hat JBoss Enterprise Web Server 2",
    "fix_state" : "Will not fix",
    "package_name" : "expat",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_web_server:2"
  }, {
    "product_name" : "Red Hat JBoss Enterprise Web Server 3",
    "fix_state" : "Will not fix",
    "package_name" : "expat",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_web_server:3"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2016-0718\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-0718" ],
  "name" : "CVE-2016-0718",
  "csaw" : false
}