CVE-2015-5523

2015-08-11T10:59:15
ID CVE-2015-5523
Type cve
Reporter NVD
Modified 2016-12-07T22:10:07

Description

The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which triggers a large memory allocation.