CVE-2015-8317 – libxml2: Out-of-bounds heap read when parsing file with unfinished xml declaration
https://notcve.org/view.php?id=CVE-2015-8317
The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read. La función xmlParseXMLDecl en parser.c en libxml2 en versiones anteriores a 2.9.3 permite a atacantes dependientes del contexto obtener información sensible a través de (1) un valor de codificiación indeterminado o (2) una declaración XML incompleta en datos XML, lo que desencadena una lectura de memoria dinámica fuera de rango. A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to leak potentially sensitive information. • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVE-2015-7499 – libxml2: Heap-based buffer overflow in xmlGROW
https://notcve.org/view.php?id=CVE-2015-7499
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors. Desbordamiento de buffer basado en memoria dinámica en la función xmlGROW en parser.c en libxml2 en versiones anteriores a 2.9.3 permite a atacantes dependientes del contexto obtener información sensible de la memoria de proceso a través de vectores no especificados. A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to leak potentially sensitive information. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html http://marc.info/?l=bugtraq&m=145382616617563&w=2 http://rhn.redhat • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVE-2015-7498 – libxml2: Heap-based buffer overflow in xmlParseXmlDecl
https://notcve.org/view.php?id=CVE-2015-7498
Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure. Desbordamiento de buffer basado en memoria dinámica en la función xmlParseXmlDecl en parser.c en libxml2 en versiones anteriores a 2.9.3 permite a atacantes dependientes del contexto causar una denegación de servicio a través de vectores no especificados relacionados con errores de extracción después de un fallo de conversión de la codificación. A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash. • http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html http://marc.info/?l=bugtraq&m=145382616617563&w=2 http://rhn.redhat.com/errata/RHSA-2015-2549.html http://rhn.redhat.com/errata/RHSA-2015-2550.html http://rhn.redhat.com/errata/RHSA-2016-1089.html http://www.debian.org/security/2015/dsa-3430 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVE-2015-7497 – libxml2: Heap-based buffer overflow in xmlDictComputeFastQKey
https://notcve.org/view.php?id=CVE-2015-7497
Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors. Desbordamiento de buffer basado en memoria dinámica en la función xmlDictComputeFastQKey en dict.c en libxml2 en versiones anteriores a 2.9.3 permite a atacantes dependientes del contexto causar una denegación de servicio a través de vectores no especificados. A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash. • http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html http://marc.info/?l=bugtraq&m=145382616617563&w=2 http://rhn.redhat.com/errata/RHSA-2015-2549.html http://rhn.redhat.com/errata/RHSA-2015-2550.html http://rhn.redhat.com/errata/RHSA-2016-1089.html http://www.debian.org/security/2015/dsa-3430 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVE-2015-7942 – libxml2: heap-based buffer overflow in xmlParseConditionalSections()
https://notcve.org/view.php?id=CVE-2015-7942
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941. La función xmlParseConditionalSections en parser.c en libxml2 no omite adecuadamente las entidades intermediarias cuando se detiene el análisis de entrada no válida, lo que permite a atacantes dependientes del contexto causar una denegación de servicio (lectura fuera de rango y caída) a través de datos XML manipulados, una vulnerabilidad diferente a CVE-2015-7941. A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash causing a denial of service. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html http://lists.opensuse.org/opensuse-updates/2015- • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •