Published: 24/03/2016 Updated: 26/03/2019

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.1 | Impact Score: 5.2 | Exploitability Score: 2.8

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P

The xmlNextChar function in libxml2 prior to 2.9.4 allows remote malicious users to cause a denial of service (heap-based buffer over-read) via a crafted XML document.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple iphone os
apple tvos
apple watchos
apple safari
apple mac os x
debian debian linux 8.0
canonical ubuntu linux 16.04
canonical ubuntu linux 14.04
canonical ubuntu linux 12.04
canonical ubuntu linux 15.10
xmlsoft libxml2
redhat enterprise linux server tus 7.6
redhat enterprise linux server tus 7.2
redhat enterprise linux server eus 7.4
redhat enterprise linux server eus 7.2
redhat enterprise linux server 6.0
redhat enterprise linux server aus 7.4
redhat enterprise linux server aus 7.3
redhat enterprise linux server aus 7.2
redhat enterprise linux server eus 7.6
redhat enterprise linux desktop 6.0
redhat enterprise linux desktop 7.0
redhat enterprise linux workstation 6.0
redhat enterprise linux workstation 7.0
redhat enterprise linux server tus 7.3
redhat enterprise linux server aus 7.6
redhat enterprise linux server eus 7.5
redhat enterprise linux server eus 7.3
redhat enterprise linux server 7.0
mcafee web gateway

Synopsis Important: Red Hat JBoss Core Services Apache HTTP 2423 Release Type/Severity Security Advisory: Important Topic Red Hat JBoss Core Services httpd 2423 is now available from the Red Hat Customer Portal for Solaris and Microsoft Windows systemsRed Hat Product Security has rated this release as ...

Several security issues were fixed in libxml2 ...

Debian Bug report logs - #823414 libxml2: CVE-2016-3705: stack overflow before detecting invalid XML file Package: src:libxml2; Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 4 May 2016 14:09:02 UTC ...

Debian Bug report logs - #813613 libxml2: Heap-buffer overread in libxml2/dictc Package: src:libxml2; Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 3 Feb 2016 17:30:02 UTC Severity: important Tags: ...

Debian Bug report logs - #812807 libxml2: CVE-2016-2073: out-of-bounds read in htmlParseNameComplex() Package: src:libxml2; Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 26 Jan 2016 19:03:02 UTC Seve ...

Debian Bug report logs - #823405 libxml2: CVE-2016-4483 Package: src:libxml2; Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 4 May 2016 12:33:02 UTC Severity: important Tags: security, upstream Foun ...

Debian Bug report logs - #819006 libxml2: CVE-2016-3627: stack exhaustion in libxml2 parsing xml files in recover mode Package: src:libxml2; Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 22 Mar 2016 1 ...

A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code with the permissions of the user running the application (CVE-2016-1 ...

The xmlNextChar function in libxml2 before 294 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document ...

Heapbuster-symbolic Symbolic execution directed by a heap operation sequence This repo is for documentation and extra tools Below are the main work and related repos FuzzBALL heapbuster branch A modified version of libxml2-293 Changes have been made to generate heap operation trace and to simplify bug finding TODO Figure out why op_trace[60] is unreachable even if ELEM

CWE-119 https://support.apple.com/HT206166 http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html https://support.apple.com/HT206169 https://support.apple.com/HT206171 http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html https://support.apple.com/HT206168 https://support.apple.com/HT206167 http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html https://www.debian.org/security/2016/dsa-3593 http://www.ubuntu.com/usn/USN-2994-1 https://access.redhat.com/errata/RHSA-2016:1292 https://git.gnome.org/browse/libxml2/commit/?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602 https://bugzilla.gnome.org/show_bug.cgi?id=759671 http://xmlsoft.org/news.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/85059 http://www.securitytracker.com/id/1035353 https://kc.mcafee.com/corporate/index?page=content&id=SB10170 http://rhn.redhat.com/errata/RHSA-2016-2957.html https://access.redhat.com/errata/RHSA-2016:2957 https://usn.ubuntu.com/2994-1/https://nvd.nist.gov

Get Started

CVE-2016-1762

Vulnerability Summary

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect