CVSS: 9.8EPSS: 1%CPEs: 15EXPL: 0CVE-2015-8242 – libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode
https://notcve.org/view.php?id=CVE-2015-8242
07 Dec 2015 — The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data. La función xmlSAX2TextNode en SAX2.c en la interfaz push en el parser HTML en libxml2 en versiones anteriores a 2.9.3 permite a atacantes dependientes del contexto causar una denegación de servicio (sobre lectura de buffer basado en pila... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 13EXPL: 2CVE-2015-8317 – libxml2: Out-of-bounds heap read when parsing file with unfinished xml declaration
https://notcve.org/view.php?id=CVE-2015-8317
07 Dec 2015 — The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read. La función xmlParseXMLDecl en parser.c en libxml2 en versiones anteriores a 2.9.3 permite a atacantes dependientes del contexto obtener información sensible a través de (1) un valor de codificiación indeterminado o (2) una declaración XML incompleta e... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 2%CPEs: 17EXPL: 0CVE-2015-5312 – libxml2: CPU exhaustion when processing specially crafted XML input
https://notcve.org/view.php?id=CVE-2015-5312
07 Dec 2015 — The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660. La función xmlStringLenDecodeEntities en parser.c en libxml2 en versiones anteriores a 2.9.3 no previene adecuadamente la expansión de entidad, lo que permite a atacantes dependientes del contexto causar una denegación de servicio (cons... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 2%CPEs: 17EXPL: 0CVE-2015-7500 – libxml2: Heap buffer overflow in xmlParseMisc
https://notcve.org/view.php?id=CVE-2015-7500
07 Dec 2015 — The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags. La función xmlParseMisc en parser.c en libxml2 en versiones anteriores a 2.9.3 permite a atacantes dependientes del contexto causar una denegación de servicio (lectura de memoria dinámica fuera de rango) a través de vectores no especificados relacionados con límites de entidades... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 4%CPEs: 66EXPL: 0CVE-2015-6837 – php: NULL pointer dereference in XSLTProcessor class
https://notcve.org/view.php?id=CVE-2015-6837
15 Sep 2015 — The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation during initial error checking, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6838. La función xsl_function_php e... • http://php.net/ChangeLog-5.php • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 4%CPEs: 66EXPL: 0CVE-2015-6838 – php: NULL pointer dereference in XSLTProcessor class
https://notcve.org/view.php?id=CVE-2015-6838
15 Sep 2015 — The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation after the principal argument loop, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6837. La función xsl_function_p... • http://php.net/ChangeLog-5.php • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 5%CPEs: 116EXPL: 0CVE-2014-3660 – libxml2: denial of service via recursive entity expansion
https://notcve.org/view.php?id=CVE-2014-3660
17 Oct 2014 — parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing a large number of nested entity references, a variant of the "billion laughs" attack. parser.c en libxml2 anterior a 2.9.2 no previene debidamente la expansión de entidades incluso cuando la substitución de entidades haya sido deshabilitada, lo que permite a at... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 1%CPEs: 135EXPL: 1CVE-2013-0339 – Mandriva Linux Security Advisory 2013-198
https://notcve.org/view.php?id=CVE-2013-0339
16 Jul 2013 — libxml2 through 2.9.1 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or xmlSetExternalEntityLoader function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because libxml2 already provides the ability to disable external entity expansion, the res... • http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 189EXPL: 0CVE-2013-2877 – libxml2: Out-of-bounds read via a document that ends abruptly
https://notcve.org/view.php?id=CVE-2013-2877
10 Jul 2013 — parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state. parser.c en libxml2 anterior a 2.9.0 utilizada en Google Chrome anterior a 28.0.1500.71 y otros productos, permite a atacantes remotos provocar una denegación de servicio (lectura fuera de rango) a través de un documento que finaliza de... • ftp://xmlsoft.org/libxml2/libxml2-2.9.0.tar.gz • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 134EXPL: 0CVE-2013-0338 – libxml2: CPU consumption DoS when performing string substitutions during entities expansion
https://notcve.org/view.php?id=CVE-2013-0338
25 Apr 2013 — libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansion" with linear complexity. libxml2 v2.9.0 y anteriores permite a atacantes dependientes de contexto provocar una denegación de servicio (consumo de memoria y CPU) a través de un archivo XML que contiene una declaración de la entidad con el nuevo texto ... • http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •