252 matches found
CVE-2019-20006
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmlcharcontent puts a pointer to the internal address of a larger block as xml-txt. This is later deallocated using free, leading to a segmentation fault...
CVE-2019-20007
An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxmlstr2utf8, while parsing a crafted XML file, performs zero-length reallocation in ezxml.c, leading to returning a NULL pointer in some compilers. After this, the function ezxmlparsestr does not check whether the s variable is...
UBUNTU-CVE-2019-20006
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmlcharcontent puts a pointer to the internal address of a larger block as xml-txt. This is later deallocated using free, leading to a segmentation fault...
CVE-2019-20005
The CVE-2019-20005 issue affects ezXML 0.8.3–0.8.6: during ezxml_decode, parsing a crafted XML file triggers incorrect memory handling, causing a heap-based buffer over-read when strchr() is used after a '\0' (end of a string). Multiple advisories (SUSE/SLES15, Mageia, openSUSE, etc.) reference e...
CVE-2019-20005
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmldecode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read while running strchr starting with a pointer after a '\0' character where the processing of a string was...
CVE-2019-20005
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmldecode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read while running strchr starting with a pointer after a '\0' character where the processing of a string was...
CVE-2019-20006
CVE-2019-20006 affects ezXML 0.8.3–0.8.6. The issue stems from ezxml_char_content: it stores a pointer to the internal address of a larger block in xml->txt, and that memory is later freed, leading to a segmentation fault. Connected sources reiter this exact behavior across multiple advisories...
CVE-2019-20006
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmlcharcontent puts a pointer to the internal address of a larger block as xml-txt. This is later deallocated using free, leading to a segmentation fault...
CVE-2019-20006
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmlcharcontent puts a pointer to the internal address of a larger block as xml-txt. This is later deallocated using free, leading to a segmentation fault...
CVE-2019-20007
An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxmlstr2utf8, while parsing a crafted XML file, performs zero-length reallocation in ezxml.c, leading to returning a NULL pointer in some compilers. After this, the function ezxmlparsestr does not check whether the s variable is...
CVE-2019-20007
CVE-2019-20007 affects ezXML 0.8.2–0.8.6. The flaw is in ezxml_str2utf8: zero-length reallocation can cause a NULL s, and ezxml_parse_str fails to guard against a NULL pointer, leading to a NULL dereference and crash. Connected advisories (SUSE openSUSE Mageia) enumerate the same issue among mult...
CVE-2019-20007
An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxmlstr2utf8, while parsing a crafted XML file, performs zero-length reallocation in ezxml.c, leading to returning a NULL pointer in some compilers. After this, the function ezxmlparsestr does not check whether the s variable is...