expat -- denial of service vulnerability on malformed input

ID 57B3ABA7-1E25-11E6-8DD3-002590263BF5
Type freebsd
Reporter FreeBSD
Modified 2016-11-30T00:00:00


Gustavo Grieco reports:

The Expat XML parser mishandles certain kinds of malformed input documents, resulting in buffer overflows during processing and error reporting. The overflows can manifest as a segmentation fault or as memory corruption during a parse operation. The bugs allow for a denial of service attack in many applications by an unauthenticated attacker, and could conceivably result in remote code execution.