18 matches found
OSV-2024-634 Heap-buffer-overflow in htmlCurrentChar
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=70297 Crash type: Heap-buffer-overflow READ 1 Crash state: htmlCurrentChar htmlParseCharData htmlParseContentInternal...
PT-2024-40806 · Git +1 · Libxml2
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow read issue has been identified, which can cause a crash. The crash occurs in the htmlParseCharData and htmlParseContentInternal...
OSV-2023-1303 Heap-use-after-free in htmlCurrentChar
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65043 Crash type: Heap-use-after-free READ 1 Crash state: htmlCurrentChar htmlParseComment htmlParseDocument...
OSV-2023-684 Heap-use-after-free in __xmlRaiseError
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61337 Crash type: Heap-use-after-free READ 2 Crash state: xmlRaiseError htmlParseErr htmlCurrentChar...
OSV-2023-174 Global-buffer-overflow in htmlCurrentChar
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56964 Crash type: Global-buffer-overflow READ 1 Crash state: htmlCurrentChar htmlParseNameComplex htmlParseName...
Heap-based Buffer Overread
The nokogiri gem contains a libxml2 package which is vulnerable to a heap-based buffer overread vulnerability. The vulnerability in libxml2 is referenced as CVE-2016-1833. Using a flaw in the htmlCurrentChar function, attackers can trigger the vulnerability using malicious XML input...
libxml2: Heap-based buffer overread in htmlCurrentChar
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document...
Oracle Linux 6 / 7 : libxml2 (ELSA-2016-1292)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-1292 advisory. - Heap-based buffer overread in xmlNextChar CVE-2016-1762 - Bug 763071: Heap-buffer-overflow in xmlStrncat CVE-2016-1834 - Bug 757711:...
libxml2: Heap-based buffer overread in htmlCurrentChar
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document...
CVE-2016-1833
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document...
DEBIAN-CVE-2016-1833
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document...
Heap overflow
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document...
CVE-2016-1833
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document...
UBUNTU-CVE-2016-1833
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document...
CVE-2016-1833
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document...
libxml2 - htmlCurrentChar Heap Based Buffer Overread
Exploit for linux platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=636 The following crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 2.9.3, released 4 days ago, by feeding a...
libxml2 - htmlCurrentChar Heap Buffer Overread
libxml2 - htmlCurrentChar Heap Buffer Overread Source: https://code.google.com/p/google-security-research/issues/detail?id=636 The following crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 2.9.3, released 4 days ago, by feeding a...
libxml2 - htmlCurrentChar Heap Buffer Overread
Source: https://code.google.com/p/google-security-research/issues/detail?id=636 The following crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 2.9.3, released 4 days ago, by feeding a malformed file to xmllint "$ ./xmllint --html...