The vulnerability of the DecodeTreeBlock function in the XML data compression tool Xmill allows a hacker to execute arbitrary code.

The vulnerability of the DecodeTreeBlock function in the XML data compression tool Xmill is related to a memory boundary error during XML file processing. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

CVE-2021-21826

A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. Within DecodeTreeBlock which is called during the decompression of an XMI file, a UINT32 is loaded from the file and used as trusted input as the length of a buffer. An...