3 matches found
CVE-2013-2877
CVE-2013-2877 is a libxml2 out-of-bounds read vulnerability triggered by XML documents that end abruptly due to missing checks for the XML_PARSER_EOF state. It affected libxml2 up to version 2.9.0 (used in Chrome and other products) and could lead to denial of service. Remediation in the public a...
CVE-2013-0338
The vulnerability described (CVE-2013-0338) affects libxml2 2.9.0 and earlier, where an XML file containing an entity declaration with long replacement text and many references can cause a denial of service through entity expansion. This is a context-dependent DoS affecting CPU and memory usage. ...
CVE-2013-1969
CVE-2013-1969 affects libxml2 (notably 2.9.0 and possibly later) with multiple use-after-free vulnerabilities in parsing code. The advisory describes context-dependent attackers potentially crashing the process or, in some cases, executing arbitrary code via the htmlParseChunk and xmldecl_done pa...