K43314223: libxml2 vulnerability CVE-2016-1835

Security Advisory Description Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document. CVE-2016-1835 Impact Allows an attacke...

libxml2/libxml2_xml_read_memory_fuzzer: Heap-use-after-free in xmlSAX2AttributeNs

Project: https://gitlab.gnome.org/GNOME/libxml2.git Detailed report: https://oss-fuzz.com/testcase?key=5721921484750848 Project: libxml2 Fuzzer: libFuzzerlibxml2xmlreadmemoryfuzzer Fuzz target binary: libxml2xmlreadmemoryfuzzer Job Type: libfuzzerasanlibxml2 Platform Id: linux Crash Type:...

Oracle Linux 6 / 7 : libxml2 (ELSA-2016-1292)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-1292 advisory. - Heap-based buffer overread in xmlNextChar CVE-2016-1762 - Bug 763071: Heap-buffer-overflow in xmlStrncat CVE-2016-1834 - Bug 757711:...

libxml2: Heap use-after-free in xmlSAX2AttributeNs

Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document...

Design/Logic Flaw

Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document...