The vulnerability of the functions ezxml_str2utf8 and ezxmlParseStr in the ezxml.c component of the ezXML library for XML document syntax analysis allows a attacker to cause a service failure.

The vulnerability of the ezxmlstr2utf8 and ezxmlParseStr functions in the ezxml.c component of the ezXML XML syntax analysis library is related to pointer aliasing errors. Exploiting this vulnerability allows an attacker to trigger a service failure using a specially created XML file...

DEBIAN-CVE-2019-20007

An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxmlstr2utf8, while parsing a crafted XML file, performs zero-length reallocation in ezxml.c, leading to returning a NULL pointer in some compilers. After this, the function ezxmlparsestr does not check whether the s variable is...

Null pointer dereference

An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxmlstr2utf8, while parsing a crafted XML file, performs zero-length reallocation in ezxml.c, leading to returning a NULL pointer in some compilers. After this, the function ezxmlparsestr does not check whether the s variable is...

CVE-2019-20007

An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxmlstr2utf8, while parsing a crafted XML file, performs zero-length reallocation in ezxml.c, leading to returning a NULL pointer in some compilers. After this, the function ezxmlparsestr does not check whether the s variable is...