75 matches found
CVE-2018-20004
An issue has been found in Mini-XML aka mxml 2.12. It is a stack-based buffer overflow in mxmlwritenode in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml...
Stack overflow
An issue has been found in Mini-XML aka mxml 2.12. It is a stack-based buffer overflow in mxmlwritenode in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml...
CVE-2018-20004
An issue has been found in Mini-XML aka mxml 2.12. It is a stack-based buffer overflow in mxmlwritenode in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml...
CVE-2018-20005
An issue has been found in Mini-XML aka mxml 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc...
Design/Logic Flaw
An issue has been found in Mini-XML aka mxml 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc...
UBUNTU-CVE-2018-20005
An issue has been found in Mini-XML aka mxml 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc...
DEBIAN-CVE-2018-20004
An issue has been found in Mini-XML aka mxml 2.12. It is a stack-based buffer overflow in mxmlwritenode in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml...
UBUNTU-CVE-2018-20004
An issue has been found in Mini-XML aka mxml 2.12. It is a stack-based buffer overflow in mxmlwritenode in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml...
DEBIAN-CVE-2018-20005
An issue has been found in Mini-XML aka mxml 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc...
CVE-2018-20004
An issue has been found in Mini-XML aka mxml 2.12. It is a stack-based buffer overflow in mxmlwritenode in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml...
CVE-2018-20005
An issue has been found in Mini-XML aka mxml 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc...
CVE-2018-20005
CVE-2018-20005 affects Mini-XML (mxml) 2.12. The issue is a use-after-free in mxmlWalkNext (mxml-search.c). Connected advisories note updates to fix multiple mxml issues (including CVE-2018-20005) in Mageia/Fedora channels; patches exist but exact patched versions are not specified in the provide...
CVE-2018-20004
CVE-2018-20004 affects Mini-XML (mxml) 2.12. It describes a stack-based buffer overflow in mxml_write_node (mxml-file.c) triggered via vectors involving a double-precision number and the substring . The issue is documented across multiple advisories (e.g., Mageia MGASA-2019-0159 and Fedora update...
Mini-XML Buffer Overflow Vulnerability (CNVD-2019-09592)
Mini-XML is a small XML parsing library , without the need for large non-standard libraries to read XML data files or strings in the application . A stack buffer overflow vulnerability exists in mxmlwritenode in mxml-file.c in Mini-XML i.e., mxml 2.12, which can be exploited by an attacker to cau...
SUSE-SU-2017:3060-1 Security update for mxml
This update for mxml fixes the following issues: Security issues fixed: - CVE-2016-4570, CVE-2016-4571: stack exhaustion parsing xml files using mxml bsc979205, bsc979206...
MGASA-2017-0103 Updated mxml packages fix security vulnerability
Two stack exhaustion issues based on uncontrolled recursion were found in mxml. A maliciously crafted xml file can cause the application to crash. Recursion using mxmlDelete at mxml-node.c:217 reproducer is stack-exhaustion-1.xml CVE-2016-4570. Recursion using mxmlwritenode at mxml-file.c:2739...
Updated mxml packages fix security vulnerability
Two stack exhaustion issues based on uncontrolled recursion were found in mxml. A maliciously crafted xml file can cause the application to crash. Recursion using mxmlDelete at mxml-node.c:217 reproducer is stack-exhaustion-1.xml CVE-2016-4570. Recursion using mxmlwritenode at mxml-file.c:2739...
openSUSE Security Update : mxml (openSUSE-2017-380)
This update for mxml fixes the following issues : - CVE-2016-4570: Specially crafted XML files could have caused stack exhaustation bsc979205 - CVE-2016-4571: Specially crafted XML files could have caused stack exhaustation bsc979206 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
CVE-2016-4570
The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted xml file...
UBUNTU-CVE-2016-4571
The mxmlwritenode function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted xml file...