The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent malicious users to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xmlsoft libxml2 |
||
debian debian linux 8.0 |
||
oracle solaris 11.3 |