Lucene search

K
ubuntucveUbuntu.comUB:CVE-2015-8242
HistoryNov 18, 2015 - 12:00 a.m.

CVE-2015-8242

2015-11-1800:00:00
ubuntu.com
ubuntu.com
5

5.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

0.007 Low

EPSS

Percentile

81.0%

The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML
parser in libxml2 before 2.9.3 allows context-dependent attackers to cause
a denial of service (stack-based buffer over-read and application crash) or
obtain sensitive information via crafted XML data.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchlibxml2< 2.7.8.dfsg-5.1ubuntu4.13UNKNOWN
ubuntu14.04noarchlibxml2< 2.9.1+dfsg1-3ubuntu4.6UNKNOWN
ubuntu15.04noarchlibxml2< 2.9.2+dfsg1-3ubuntu0.2UNKNOWN
ubuntu15.10noarchlibxml2< 2.9.2+zdfsg1-4ubuntu0.2UNKNOWN

5.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

0.007 Low

EPSS

Percentile

81.0%