CVE-2016-0718 Red Hat Update for expat security (RHSA-2016:2824)

Expat is a C library for parsing XML documents.

An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, possibly, execute arbitrary code with the permission of the user running the application. (CVE-2016-0718)

On successful exploitation it would cause that application to crash or, possibly, execute arbitrary code with the permission of the user running the application.

Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

Refer to Red Hat security advisory RHSA-2016:2824 to address this issue and obtain more information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

RHSA-2016:2824: Red Hat Enterprise Linux