5 matches found
The vulnerability of the ezxml_parse_str function in the ezXML XML document syntax analysis library allows a attacker to cause a service failure.
The vulnerability of the ezxmlparsestr function in the ezXML XML syntax analysis library is related to the exploitation of xml blind xpath injection. Exploiting this vulnerability allows a malicious actor to cause service failures using a specially created XML file...
The vulnerability of the ezxml_parse_str function in the ezXML XML document syntax analysis library allows a attacker to cause a service failure.
The vulnerability of the ezxmlparsestr function in the ezXML XML syntax analysis library involves reading data beyond the allowable buffer size. Exploiting this vulnerability allows a malicious actor to cause service failures by using a specially created XML file...
SUSE CVE-2021-31348
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxmlparsestr performs incorrect memory handling while parsing crafted XML files out-of-bounds read after a certain strcspn failure...
DEBIAN-CVE-2019-20007
An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxmlstr2utf8, while parsing a crafted XML file, performs zero-length reallocation in ezxml.c, leading to returning a NULL pointer in some compilers. After this, the function ezxmlparsestr does not check whether the s variable is...
Null pointer dereference
An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxmlstr2utf8, while parsing a crafted XML file, performs zero-length reallocation in ezxml.c, leading to returning a NULL pointer in some compilers. After this, the function ezxmlparsestr does not check whether the s variable is...