Lucene search
GoogleOSV:CVE-2018-20004HistoryDec 10, 2018 - 6:29 a.m.
CVE-2018-20004
2018-12-1006:29:00
Google
osv.dev
4
An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the ‘<order type=“real”>’ substring, as demonstrated by testmxml.
References
github.com/fouzhe/security/tree/master/mxml#stack-buffer-overflow-in-function-mxml_write_node
github.com/michaelrsweet/mxml/issues/233
lists.debian.org/debian-lts-announce/2019/01/msg00018.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N53IJHDYR5HVQLKH4J6B27OEQLGKSGY5/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNWF6BAU7S42O4LE4B74KIMHFE2HDNMI/
Related
cve
cve
CVE-2018-20004
2018-12-10 06:29:00
cvelist
cvelist
CVE-2018-20004
2018-12-10 06:00:00
nvd
nvd
CVE-2018-20004
2018-12-10 06:29:00
debiancve
debiancve
CVE-2018-20004
2018-12-10 06:29:00
ubuntucve
ubuntucve
CVE-2018-20004
2018-12-10 00:00:00
prion
prion
Stack overflow
2018-12-10 06:29:00
openvas
openvas
Debian: Security Advisory (DLA-1641-1)
2019-01-24 00:00:00
Fedora Update for mxml FEDORA-2019-d333d01e08
2019-03-28 00:00:00
Mageia: Security Advisory (MGASA-2019-0159)
2022-01-28 00:00:00
nessus
nessus
Debian DLA-1641-1 : mxml security update
2019-01-28 00:00:00
Fedora 30 : mxml (2019-4182dd32eb)
2019-05-02 00:00:00
Fedora 28 : mxml (2019-d333d01e08)
2019-03-25 00:00:00
osv
osv
mxml - security update
2019-01-25 00:00:00
mageia
mageia
Updated mxml packages fix security vulnerabilities
2019-05-12 12:35:33
debian
debian
[SECURITY] [DLA 1641-1] mxml security update
2019-01-25 07:56:02
fedora
fedora
[SECURITY] Fedora 30 Update: mxml-3.0-1.fc30
2019-03-29 19:37:51
[SECURITY] Fedora 29 Update: mxml-3.0-1.fc29
2019-03-29 21:03:57
[SECURITY] Fedora 28 Update: mxml-3.0-1.fc28
2019-03-25 05:29:35