The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 prior to 2.9.3 allows context-dependent malicious users to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xmlsoft libxml2 |
||
hp icewall federation agent 3.0 |
||
hp icewall file manager 3.0 |
||
apple mac os x |
||
apple watchos |
||
apple tvos |
||
apple iphone os |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 15.04 |
||
canonical ubuntu linux 15.10 |
||
redhat enterprise linux desktop 6.0 |
||
redhat enterprise linux workstation 6.0 |
||
redhat enterprise linux hpc node 6.0 |
||
redhat enterprise linux server 6.0 |