CVSS: 6.5EPSS: 2%CPEs: 1EXPL: 0CVE-2017-18258 – libxml2: Unrestricted memory usage in xz_head() function in xzlib.c
https://notcve.org/view.php?id=CVE-2017-18258
08 Apr 2018 — The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file. La función xz_head en xzlib.c en libxml2, en versiones anteriores a la 2.9.6, permite que atacantes remotos provoquen una denegación de servicio (consumo de memoria) mediante un archivo LZMA. Esto se dene a que la funcionalidad de descifrado no rest... • https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.8EPSS: 2%CPEs: 8EXPL: 0CVE-2017-15412 – libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c
https://notcve.org/view.php?id=CVE-2017-15412
07 Dec 2017 — Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Uso de memoria previamente liberada en libxml2 en versiones anteriores a la 2.9.5, tal y como se emplea en Google Chrome en versiones anteriores a la 63.0.3239.84 y otros productos, permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante una página HTML manipulada. A use... • http://www.securitytracker.com/id/1040348 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-16932 – Ubuntu Security Notice USN-3504-1
https://notcve.org/view.php?id=CVE-2017-16932
23 Nov 2017 — parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities. parser.c en libxml2 en versiones anteriores a la 2.9.5 no evita la recursión infinita en las entidades de parámetro. Matias Brutti discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information. It was discovered that libxml2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. • http://xmlsoft.org/news.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-16931
https://notcve.org/view.php?id=CVE-2017-16931
23 Nov 2017 — parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. parser.c en libxml2 en versiones anteriores a la 2.9.5 gestiona de manera incorrecta las referencias de entidades de parámetro debido a que la macro NEXTL llama a la función xmlParserHandlePEReference en caso de que haya un carácter "%" en un nombre DTD. • http://xmlsoft.org/news.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2017-5130 – chromium-browser: heap overflow in libxml2
https://notcve.org/view.php?id=CVE-2017-5130
20 Oct 2017 — An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file. Un desbordamiento de enteros en xmlmemory.c en versiones anteriores a la 2.9.5 de libxml2, tal y como se emplea en Google Chrome, en versiones anteriores a la 62.0.3202.62 y en otros productos, permite que un atacante remoto explote la corrupción de la memoria dinámica (heap) mediante un archivo... • http://bugzilla.gnome.org/show_bug.cgi?id=783026 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 0CVE-2017-7375 – Ubuntu Security Notice USN-3424-2
https://notcve.org/view.php?id=CVE-2017-7375
19 Sep 2017 — A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and expose content from local files, HTTP, or FTP servers (which might be otherwise unreachable). Un error en libxml2 permite la inclusión de entidades XML con marcas de... • http://www.securityfocus.com/bid/98877 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 10.0EPSS: 10%CPEs: 11EXPL: 1CVE-2017-7376 – Ubuntu Security Notice USN-3424-2
https://notcve.org/view.php?id=CVE-2017-7376
19 Sep 2017 — Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects. Desbordamiento de búfer en libxml2 permite que atacantes remotos ejecuten código arbitrario aprovechando un límite incorrecto para los valores del puerto cuando se gestionan las redirecciones. It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause a denial of service or pos... • https://github.com/brahmstaedt/libxml2-exploit • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.7EPSS: 0%CPEs: 6EXPL: 1CVE-2016-9318 – libxml2: XML External Entity vulnerability
https://notcve.org/view.php?id=CVE-2016-9318
16 Nov 2016 — libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document. libxml2 2.9.4 y versiones anteriores, como se usa en XMLSec 1.2.23 y versiones anteriores y otros productos, no ofrece un indicador que indique directamente que el documento actual puede ser leido pero... • http://www.securityfocus.com/bid/94347 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 10.0EPSS: 5%CPEs: 5EXPL: 0CVE-2016-4658 – libxml2: Use after free via namespace node in XPointer ranges
https://notcve.org/view.php?id=CVE-2016-4658
20 Sep 2016 — xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document. xpointer.c en libxml2, en versiones anteriores a la 2.9.5 (tal y como se usa en Apple iOS en versiones anteriores a la 10, OS X en versiones anteriores a la 10.12,... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •
CVSS: 8.8EPSS: 10%CPEs: 17EXPL: 0CVE-2016-5131 – libxml2: Use after free triggered by XPointer paths beginning with range-to
https://notcve.org/view.php?id=CVE-2016-5131
23 Jul 2016 — Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. Vulnerabilidad de uso después de liberación de memoria en libxml2 hasta la versión 2.9.4, como se utiliza en Google Chrome en versiones anteriores a 52.0.2743.82, permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto ... • http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html • CWE-416: Use After Free •