[go: up one dir, main page]
|
|
Log in / Subscribe / Register

libxml2: multiple vulnerabilities

Package(s):libxml2 CVE #(s):CVE-2015-8806 CVE-2016-2073
Created:June 3, 2016 Updated:June 8, 2016
Description:

From the CVE entries:

CVE-2015-8806 - dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the "<!DOCTYPE html" substring in a crafted HTML document.

CVE-2016-2073 - The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML document.

Alerts:
Mageia MGASA-2016-0263 libxml2 2016-07-26
Gentoo 201701-37 libxml2 2017-01-16
SUSE SUSE-SU-2016:1604-1 libxml2 2016-06-17
openSUSE openSUSE-SU-2016:1595-1 libxml2 2016-06-16
SUSE SUSE-SU-2016:1538-1 libxml2 2016-06-09
Ubuntu USN-2994-1 libxml2 2016-06-06
Debian-LTS DLA-503-1 libxml2 2016-06-03
Debian DSA-3593-1 libxml2 2016-06-02
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds