3 matches found
CVE-2021-21828
A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. In the default case of DecodeTreeBlock a label is created via CurPath::AddLabel in order to track the label for later reference. An attacker can provide a malicious fil...
CVE-2021-21828
A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. In the default case of DecodeTreeBlock a label is created via CurPath::AddLabel in order to track the label for later reference. An attacker can provide a malicious fil...
CVE-2021-21828
CVE-2021-21828 is a heap-based buffer overflow in AT&T Labs Xmill 0.7, specifically in the XML Decompression DecodeTreeBlock functionality. In the default DecodeTreeBlock path, a label is created via CurPath::AddLabel to track the label for later reference, and a crafted input file can trigger th...