6941 matches found
libxml2 -- multiple vulnerabilities
reports: CVE-2015-5312 Another entity expansion issue David Drysdale. CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey David Drysdale. CVE-2015-7498 Avoid processing entities after encoding conversion failures Daniel Veillard. CVE-2015-7499 1 Add xmlHaltParser to stop the...
PT-2015-3256
Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.3 Description The issue is related to the xmlParseMisc function in parser.c, which allows context-dependent attackers to cause a denial of service due to an out-of-bounds heap read. This is related to incorrect...
PT-2015-3254
Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.3 Description The issue is related to a heap-based buffer overflow in the xmlParseXmlDecl function, which can be exploited by context-dependent attackers to cause a denial of service. This occurs via unspecified...
PT-2015-3255
Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.3 Description The issue is a heap-based buffer overflow in the xmlGROW function in parser.c in libxml2. This allows context-dependent attackers to obtain sensitive process memory information via unspecified vector...
Libxml2 'parser.c' Buffer Overflow Vulnerability
Libxml2 is a C-based language used to parse XML documents library , which supports a variety of encoding formats , Xpath parsing , Well-formed and valid validation . A buffer overflow vulnerability exists in Libxml2 'parser.c'. An attacker could exploit the vulnerability to execute arbitrary code...
libxml2 Denial of Service Vulnerability (CNVD-2015-07711)
libxml2 is an XML parser and markup toolset. A denial of service vulnerability exists in libxml2 version 2.9.2 that allows attackers to cause a denial of service by crafting the xmlParseEntityDecl or xmlParseConditionalSections functions of parserc in XML data...
libxml2 Denial of Service Vulnerability (CNVD-2015-07712)
libxml2 is an XML parser and markup toolset. A denial-of-service vulnerability exists in libxml2 that could be exploited by an attacker to launch a denial-of-service attack via carefully crafted XML data...
CVE-2015-8035
The xzdecomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service process hang via crafted XML data...
DEBIAN-CVE-2015-8035
The xzdecomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service process hang via crafted XML data...
CVE-2015-8035
The xzdecomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service process hang via crafted XML data...
CVE-2015-7942
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via crafted XML data, a different vulnerability than...
CVE-2015-7942
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via crafted XML data, a different vulnerability than...
DEBIAN-CVE-2015-7942
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via crafted XML data, a different vulnerability than...
CVE-2015-7941
libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and libxml2 crash via crafted XML data to the 1 xmlParseEntityDecl or 2 xmlParseConditionalSections function in parser.c, as demonstrated by...
CVE-2015-7941
libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and libxml2 crash via crafted XML data to the 1 xmlParseEntityDecl or 2 xmlParseConditionalSections function in parser.c, as demonstrated by...
CVE-2015-7941
libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and libxml2 crash via crafted XML data to the 1 xmlParseEntityDecl or 2 xmlParseConditionalSections function in parser.c, as demonstrated by...
CVE-2015-7942
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via crafted XML data, a different vulnerability than...
Out-of-bounds
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via crafted XML data, a different vulnerability than...
Out-of-bounds
libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and libxml2 crash via crafted XML data to the 1 xmlParseEntityDecl or 2 xmlParseConditionalSections function in parser.c, as demonstrated by...
Design/Logic Flaw
The xzdecomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service process hang via crafted XML data...