Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2013-2298

Multiple stack-based buffer overflows in the XML parser in BOINC 7.x allow attackers to have unspecified impact via a crafted XML file, related to the scheduler.

Published

2014-06-02T15:55:10.060

Last Modified

2025-07-08T17:33:43.070

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 9.3 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

8.6

Impact Score

10.0

Weaknesses

Type: Primary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	universityofcalifornia	boinc_client	7.0	Yes
Application	universityofcalifornia	boinc_client	7.0.1	Yes
Application	universityofcalifornia	boinc_client	7.0.2	Yes
Application	universityofcalifornia	boinc_client	7.0.3	Yes
Application	universityofcalifornia	boinc_client	7.0.5	Yes
Application	universityofcalifornia	boinc_client	7.0.6	Yes
Application	universityofcalifornia	boinc_client	7.0.7	Yes
Application	universityofcalifornia	boinc_client	7.0.8	Yes
Application	universityofcalifornia	boinc_client	7.0.9	Yes
Application	universityofcalifornia	boinc_client	7.0.10	Yes
Application	universityofcalifornia	boinc_client	7.0.11	Yes
Application	universityofcalifornia	boinc_client	7.0.12	Yes
Application	universityofcalifornia	boinc_client	7.0.13	Yes
Application	universityofcalifornia	boinc_client	7.0.14	Yes
Application	universityofcalifornia	boinc_client	7.0.15	Yes
Application	universityofcalifornia	boinc_client	7.0.16	Yes
Application	universityofcalifornia	boinc_client	7.0.17	Yes
Application	universityofcalifornia	boinc_client	7.0.18	Yes
Application	universityofcalifornia	boinc_client	7.0.19	Yes
Application	universityofcalifornia	boinc_client	7.0.20	Yes
Application	universityofcalifornia	boinc_client	7.0.21	Yes
Application	universityofcalifornia	boinc_client	7.0.22	Yes
Application	universityofcalifornia	boinc_client	7.0.23	Yes
Application	universityofcalifornia	boinc_client	7.0.24	Yes
Application	universityofcalifornia	boinc_client	7.0.25	Yes
Application	universityofcalifornia	boinc_client	7.0.26	Yes
Application	universityofcalifornia	boinc_client	7.0.27	Yes
Application	universityofcalifornia	boinc_client	7.0.28	Yes
Application	universityofcalifornia	boinc_client	7.0.29	Yes
Application	universityofcalifornia	boinc_client	7.0.30	Yes
Application	universityofcalifornia	boinc_client	7.0.31	Yes
Application	universityofcalifornia	boinc_client	7.0.32	Yes
Application	universityofcalifornia	boinc_client	7.0.33	Yes
Application	universityofcalifornia	boinc_client	7.0.34	Yes
Application	universityofcalifornia	boinc_client	7.0.35	Yes
Application	universityofcalifornia	boinc_client	7.0.36	Yes
Application	universityofcalifornia	boinc_client	7.0.45	Yes
Application	universityofcalifornia	boinc_client	7.0.46	Yes
Application	universityofcalifornia	boinc_client	7.0.47	Yes
Application	universityofcalifornia	boinc_client	7.0.48	Yes
Application	universityofcalifornia	boinc_client	7.0.49	Yes
Application	universityofcalifornia	boinc_client	7.0.50	Yes
Application	universityofcalifornia	boinc_client	7.0.51	Yes
Application	universityofcalifornia	boinc_client	7.0.52	Yes
Application	universityofcalifornia	boinc_client	7.0.53	Yes
Application	universityofcalifornia	boinc_client	7.0.54	Yes
Application	universityofcalifornia	boinc_client	7.0.55	Yes
Application	universityofcalifornia	boinc_client	7.0.56	Yes
Application	universityofcalifornia	boinc_client	7.0.57	Yes
Application	universityofcalifornia	boinc_client	7.0.58	Yes
Application	universityofcalifornia	boinc_client	7.0.59	Yes
Application	universityofcalifornia	boinc_client	7.0.60	Yes
Application	universityofcalifornia	boinc_client	7.0.61	Yes
Application	universityofcalifornia	boinc_client	7.0.62	Yes
Application	universityofcalifornia	boinc_client	7.0.63	Yes
Application	universityofcalifornia	boinc_client	7.0.64	Yes
Application	universityofcalifornia	boinc_client	7.0.65	Yes
Application	universityofcalifornia	boinc_client	7.0.66	Yes
Application	universityofcalifornia	boinc_client	7.0.67	Yes
Application	universityofcalifornia	boinc_client	7.0.68	Yes
Application	universityofcalifornia	boinc_client	7.0.69	Yes
Application	universityofcalifornia	boinc_client	7.0.70	Yes
Application	universityofcalifornia	boinc_client	7.0.71	Yes
Application	universityofcalifornia	boinc_client	7.0.72	Yes
Application	universityofcalifornia	boinc_client	7.0.73	Yes
Application	universityofcalifornia	boinc_client	7.0.74	Yes
Application	universityofcalifornia	boinc_client	7.0.75	Yes
Application	universityofcalifornia	boinc_client	7.0.76	Yes
Application	universityofcalifornia	boinc_client	7.0.77	Yes
Application	universityofcalifornia	boinc_client	7.0.78	Yes
Application	universityofcalifornia	boinc_client	7.0.79	Yes
Application	universityofcalifornia	boinc_client	7.0.80	Yes
Application	universityofcalifornia	boinc_client	7.1.0	Yes
Application	universityofcalifornia	boinc_client	7.1.1	Yes
Application	universityofcalifornia	boinc_client	7.1.2	Yes
Application	universityofcalifornia	boinc_client	7.1.3	Yes
Application	universityofcalifornia	boinc_client	7.1.4	Yes
Application	universityofcalifornia	boinc_client	7.1.5	Yes
Application	universityofcalifornia	boinc_client	7.1.6	Yes
Application	universityofcalifornia	boinc_client	7.1.7	Yes
Application	universityofcalifornia	boinc_client	7.1.8	Yes
Application	universityofcalifornia	boinc_client	7.1.9	Yes
Application	universityofcalifornia	boinc_client	7.1.10	Yes
Application	universityofcalifornia	boinc_client	7.1.11	Yes
Application	universityofcalifornia	boinc_client	7.1.12	Yes
Application	universityofcalifornia	boinc_client	7.1.13	Yes
Application	universityofcalifornia	boinc_client	7.1.14	Yes
Application	universityofcalifornia	boinc_client	7.1.15	Yes
Application	universityofcalifornia	boinc_client	7.1.16	Yes
Application	universityofcalifornia	boinc_client	7.1.17	Yes
Application	universityofcalifornia	boinc_client	7.1.18	Yes
Application	universityofcalifornia	boinc_client	7.1.19	Yes
Application	universityofcalifornia	boinc_client	7.1.20	Yes
Application	universityofcalifornia	boinc_client	7.1.21	Yes
Application	universityofcalifornia	boinc_client	7.2.0	Yes
Application	universityofcalifornia	boinc_client	7.2.1	Yes
Application	universityofcalifornia	boinc_client	7.2.2	Yes
Application	universityofcalifornia	boinc_client	7.2.3	Yes
Application	universityofcalifornia	boinc_client	7.2.4	Yes
Application	universityofcalifornia	boinc_client	7.2.5	Yes
Application	universityofcalifornia	boinc_client	7.2.6	Yes
Application	universityofcalifornia	boinc_client	7.2.7	Yes
Application	universityofcalifornia	boinc_client	7.2.8	Yes
Application	universityofcalifornia	boinc_client	7.2.9	Yes
Application	universityofcalifornia	boinc_client	7.2.10	Yes
Application	universityofcalifornia	boinc_client	7.2.11	Yes
Application	universityofcalifornia	boinc_client	7.2.12	Yes
Application	universityofcalifornia	boinc_client	7.2.13	Yes
Application	universityofcalifornia	boinc_client	7.2.14	Yes
Application	universityofcalifornia	boinc_client	7.2.15	Yes
Application	universityofcalifornia	boinc_client	7.2.16	Yes
Application	universityofcalifornia	boinc_client	7.2.17	Yes
Application	universityofcalifornia	boinc_client	7.2.18	Yes
Application	universityofcalifornia	boinc_client	7.2.19	Yes
Application	universityofcalifornia	boinc_client	7.2.20	Yes
Application	universityofcalifornia	boinc_client	7.2.21	Yes
Application	universityofcalifornia	boinc_client	7.2.22	Yes
Application	universityofcalifornia	boinc_client	7.2.23	Yes
Application	universityofcalifornia	boinc_client	7.2.24	Yes
Application	universityofcalifornia	boinc_client	7.2.25	Yes
Application	universityofcalifornia	boinc_client	7.2.26	Yes
Application	universityofcalifornia	boinc_client	7.2.27	Yes
Application	universityofcalifornia	boinc_client	7.2.28	Yes
Application	universityofcalifornia	boinc_client	7.2.29	Yes
Application	universityofcalifornia	boinc_client	7.2.31	Yes
Application	universityofcalifornia	boinc_client	7.2.32	Yes
Application	universityofcalifornia	boinc_client	7.2.33	Yes
Application	universityofcalifornia	boinc_client	7.2.34	Yes
Application	universityofcalifornia	boinc_client	7.2.35	Yes
Application	universityofcalifornia	boinc_client	7.2.36	Yes
Application	universityofcalifornia	boinc_client	7.2.37	Yes
Application	universityofcalifornia	boinc_client	7.2.38	Yes
Application	universityofcalifornia	boinc_client	7.2.39	Yes
Application	universityofcalifornia	boinc_client	7.2.40	Yes
Application	universityofcalifornia	boinc_client	7.2.41	Yes
Application	universityofcalifornia	boinc_client	7.2.42	Yes
Application	universityofcalifornia	boinc_client	7.2.43	Yes
Application	universityofcalifornia	boinc_client	7.2.44	Yes
Application	universityofcalifornia	boinc_client	7.2.47	Yes
Application	universityofcalifornia	boinc_client	7.3.0	Yes
Application	universityofcalifornia	boinc_client	7.3.1	Yes
Application	universityofcalifornia	boinc_client	7.3.2	Yes
Application	universityofcalifornia	boinc_client	7.3.3	Yes
Application	universityofcalifornia	boinc_client	7.3.4	Yes
Application	universityofcalifornia	boinc_client	7.3.5	Yes
Application	universityofcalifornia	boinc_client	7.3.6	Yes
Application	universityofcalifornia	boinc_client	7.3.7	Yes
Application	universityofcalifornia	boinc_client	7.3.8	Yes
Application	universityofcalifornia	boinc_client	7.3.9	Yes
Application	universityofcalifornia	boinc_client	7.3.10	Yes
Application	universityofcalifornia	boinc_client	7.3.11	Yes
Application	universityofcalifornia	boinc_client	7.3.12	Yes
Application	universityofcalifornia	boinc_client	7.3.13	Yes
Application	universityofcalifornia	boinc_client	7.3.14	Yes
Application	universityofcalifornia	boinc_client	7.3.15	Yes
Application	universityofcalifornia	boinc_client	7.3.16	Yes
Application	universityofcalifornia	boinc_client	7.3.17	Yes
Application	universityofcalifornia	boinc_client	7.3.18	Yes
Application	universityofcalifornia	boinc_client	7.3.19	Yes

References

http://boinc.berkeley.edu/gitweb/?p=boinc-v2.git%3Ba=commitdiff%3Bh=2fea03824925cbcb976f4191f4d8321e41a4d95b ([email protected])
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125125.html ([email protected])
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125128.html ([email protected])
http://secunia.com/advisories/53192 ([email protected])
http://thread.gmane.org/gmane.comp.distributed.boinc.user/3741 ([email protected])
http://www.openwall.com/lists/oss-security/2013/04/28/3 ([email protected])
http://www.securityfocus.com/bid/59539 ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/83931 ([email protected])
http://boinc.berkeley.edu/gitweb/?p=boinc-v2.git%3Ba=commitdiff%3Bh=2fea03824925cbcb976f4191f4d8321e41a4d95b (af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125125.html (af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125128.html (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/53192 (af854a3a-2127-422b-91ae-364da2661108)
http://thread.gmane.org/gmane.comp.distributed.boinc.user/3741 (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2013/04/28/3 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/59539 (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/83931 (af854a3a-2127-422b-91ae-364da2661108)