An issue exists in ezXML 0.8.3 up to and including 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to NULL pointer dereference while running strlen() on a NULL pointer.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ezxml project ezxml |