xpointer.c in libxml2 prior to 2.9.5 (as used in Apple iOS prior to 10, OS X prior to 10.12, tvOS prior to 10, and watchOS prior to 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote malicious users to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple iphone os |
||
apple mac os x |
||
apple tvos |
||
apple watchos |
||
xmlsoft libxml2 |