Lucene search
K

75 matches found

UbuntuCve
UbuntuCve
added 2018/12/10 6:29 a.m.23 views

CVE-2018-20004

An issue has been found in Mini-XML aka mxml 2.12. It is a stack-based buffer overflow in mxmlwritenode in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml...

8.8CVSS6.3AI score0.02025EPSS
Exploits1References3
Prion
Prion
added 2018/12/10 6:29 a.m.20 views

Stack overflow

An issue has been found in Mini-XML aka mxml 2.12. It is a stack-based buffer overflow in mxmlwritenode in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml...

6.8CVSS8.7AI score0.02025EPSS
Exploits1References5Affected Software3
NVD
NVD
added 2018/12/10 6:29 a.m.18 views

CVE-2018-20004

An issue has been found in Mini-XML aka mxml 2.12. It is a stack-based buffer overflow in mxmlwritenode in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml...

8.8CVSS8.8AI score0.02025EPSS
Exploits1References5
NVD
NVD
added 2018/12/10 6:29 a.m.18 views

CVE-2018-20005

An issue has been found in Mini-XML aka mxml 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc...

5.5CVSS5.4AI score0.01111EPSS
Exploits1References4
Prion
Prion
added 2018/12/10 6:29 a.m.17 views

Design/Logic Flaw

An issue has been found in Mini-XML aka mxml 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc...

4.3CVSS5.8AI score0.01111EPSS
Exploits1References4Affected Software2
OSV
OSV
added 2018/12/10 6:29 a.m.2 views

UBUNTU-CVE-2018-20005

An issue has been found in Mini-XML aka mxml 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc...

5.5CVSS5.9AI score0.01111EPSS
Exploits1References4
OSV
OSV
added 2018/12/10 6:29 a.m.2 views

DEBIAN-CVE-2018-20004

An issue has been found in Mini-XML aka mxml 2.12. It is a stack-based buffer overflow in mxmlwritenode in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml...

8.8CVSS7.4AI score0.02025EPSS
Exploits1References1
OSV
OSV
added 2018/12/10 6:29 a.m.4 views

UBUNTU-CVE-2018-20004

An issue has been found in Mini-XML aka mxml 2.12. It is a stack-based buffer overflow in mxmlwritenode in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml...

8.8CVSS6.7AI score0.02025EPSS
Exploits1References4
OSV
OSV
added 2018/12/10 6:29 a.m.2 views

DEBIAN-CVE-2018-20005

An issue has been found in Mini-XML aka mxml 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc...

5.5CVSS6.9AI score0.01111EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/12/10 6:0 a.m.27 views

CVE-2018-20004

An issue has been found in Mini-XML aka mxml 2.12. It is a stack-based buffer overflow in mxmlwritenode in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml...

8.8AI score0.02025EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2018/12/10 6:0 a.m.26 views

CVE-2018-20005

An issue has been found in Mini-XML aka mxml 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc...

5.5CVSS5.4AI score0.01111EPSS
Exploits1
CVE
CVE
added 2018/12/10 6:0 a.m.60 views

CVE-2018-20005

CVE-2018-20005 affects Mini-XML (mxml) 2.12. The issue is a use-after-free in mxmlWalkNext (mxml-search.c). Connected advisories note updates to fix multiple mxml issues (including CVE-2018-20005) in Mageia/Fedora channels; patches exist but exact patched versions are not specified in the provide...

5.5CVSS6.7AI score0.01111EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2018/12/10 6:0 a.m.65 views

CVE-2018-20004

CVE-2018-20004 affects Mini-XML (mxml) 2.12. It describes a stack-based buffer overflow in mxml_write_node (mxml-file.c) triggered via vectors involving a double-precision number and the substring . The issue is documented across multiple advisories (e.g., Mageia MGASA-2019-0159 and Fedora update...

8.8CVSS8.6AI score0.02025EPSS
Exploits1References5Affected Software1
CNVD
CNVD
added 2018/12/10 12:0 a.m.3 views

Mini-XML Buffer Overflow Vulnerability (CNVD-2019-09592)

Mini-XML is a small XML parsing library , without the need for large non-standard libraries to read XML data files or strings in the application . A stack buffer overflow vulnerability exists in mxmlwritenode in mxml-file.c in Mini-XML i.e., mxml 2.12, which can be exploited by an attacker to cau...

8.8CVSS5.8AI score0.02025EPSS
Exploits1References1
OSV
OSV
added 2017/11/23 4:16 p.m.7 views

SUSE-SU-2017:3060-1 Security update for mxml

This update for mxml fixes the following issues: Security issues fixed: - CVE-2016-4570, CVE-2016-4571: stack exhaustion parsing xml files using mxml bsc979205, bsc979206...

7.1CVSS5.9AI score0.01589EPSS
Exploits0References5
OSV
OSV
added 2017/04/04 6:44 a.m.5 views

MGASA-2017-0103 Updated mxml packages fix security vulnerability

Two stack exhaustion issues based on uncontrolled recursion were found in mxml. A maliciously crafted xml file can cause the application to crash. Recursion using mxmlDelete at mxml-node.c:217 reproducer is stack-exhaustion-1.xml CVE-2016-4570. Recursion using mxmlwritenode at mxml-file.c:2739...

7.1CVSS5.8AI score0.01589EPSS
Exploits0References5
Mageia
Mageia
added 2017/04/04 6:44 a.m.34 views

Updated mxml packages fix security vulnerability

Two stack exhaustion issues based on uncontrolled recursion were found in mxml. A maliciously crafted xml file can cause the application to crash. Recursion using mxmlDelete at mxml-node.c:217 reproducer is stack-exhaustion-1.xml CVE-2016-4570. Recursion using mxmlwritenode at mxml-file.c:2739...

7.1CVSS2.6AI score0.01589EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2017/03/28 12:0 a.m.33 views

openSUSE Security Update : mxml (openSUSE-2017-380)

This update for mxml fixes the following issues : - CVE-2016-4570: Specially crafted XML files could have caused stack exhaustation bsc979205 - CVE-2016-4571: Specially crafted XML files could have caused stack exhaustation bsc979206 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

7.1CVSS5.5AI score0.01589EPSS
Exploits0References4
NVD
NVD
added 2017/02/03 3:59 p.m.16 views

CVE-2016-4570

The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted xml file...

7.1CVSS5.7AI score0.01589EPSS
Exploits0References5
OSV
OSV
added 2017/02/03 3:59 p.m.2 views

UBUNTU-CVE-2016-4571

The mxmlwritenode function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted xml file...

5.5CVSS6.1AI score0.01589EPSS
Exploits0References3
Rows per page
Query Builder