5 matches found
OSV-2020-1130 Heap-buffer-overflow in xsltFormatNumberConversion
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17171 Crash type: Heap-buffer-overflow READ 1 Crash state: xsltFormatNumberConversion xsltFormatNumberFunction xmlXPathCompOpEval...
USN-3271-1: Libxslt vulnerabilities
Holger Fuhrmannek discovered an integer overflow in the xsltAddTextString function in Libxslt. An attacker could use this to craft a malicious document that, when opened, could cause a denial of service application crash or possible execute arbitrary code. CVE-2017-5029 Nicolas Gregoire discovere...
USN-3271-1 libxslt vulnerabilities
Holger Fuhrmannek discovered an integer overflow in the xsltAddTextString function in Libxslt. An attacker could use this to craft a malicious document that, when opened, could cause a denial of service application crash or possible execute arbitrary code. CVE-2017-5029 Nicolas Gregoire discovere...
Debian Security Advisory DSA 3709-1 (libxslt - security update)
Nick Wellnhofer discovered that the xsltFormatNumberConversion function in libxslt, an XSLT processing runtime library, does not properly check for a zero byte terminating the pattern string. This flaw can be exploited to leak a couple of bytes after the buffer that holds the pattern string...
DSA-3709-1 libxslt - security update
Bulletin has no description...