An issue exists in ezXML 0.8.3 up to and including 0.8.6. The function ezxml_decode, while parsing crafted a XML file, performs incorrect memory handling, leading to a heap-based buffer over-read in the "normalize line endings" feature.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ezxml project ezxml |