CVE-2015-5522

2015-08-11T10:59:14
ID CVE-2015-5522
Type cve
Reporter NVD
Modified 2016-12-07T22:10:06

Description

Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.