{
  "modified": "2025-08-09T19:01:26Z",
  "published": "2015-08-12T14:59:01Z",
  "id": "CVE-2015-0851",
  "details": "XMLTooling-C before 1.5.5, as used in OpenSAML-C and Shibboleth Service Provider (SP), does not properly handle integer conversion exceptions, which allows remote attackers to cause a denial of service (crash) via schema-invalid XML data.",
  "references": [
    {
      "type": "ADVISORY",
      "url": "http://shibboleth.net/community/advisories/secadv_20150721.txt"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.debian.org/security/2015/dsa-3321"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/76134"
    },
    {
      "type": "WEB",
      "url": "https://git.shibboleth.net/view/?p=cpp-xmltooling.git%3Ba=commitdiff%3Bh=2d795c731e6729309044607154978696a87fd900"
    }
  ]
}