CVSS: 10.0EPSS: 34%CPEs: 11EXPL: 0CVE-2017-7376
https://notcve.org/view.php?id=CVE-2017-7376
Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects. Desbordamiento de búfer en libxml2 permite que atacantes remotos ejecuten código arbitrario aprovechando un límite incorrecto para los valores del puerto cuando se gestionan las redirecciones. • http://www.securityfocus.com/bid/98877 http://www.securitytracker.com/id/1038623 https://android.googlesource.com/platform/external/libxml2/+/51e0cb2e5ec18eaf6fb331bc573ff27b743898f4 https://bugzilla.redhat.com/show_bug.cgi?id=1462216 https://git.gnome.org/browse/libxml2/commit/?id=5dca9eea1bd4263bfa4d037ab2443de1cd730f7e https://source.android.com/security/bulletin/2017-06-01 https://www.debian.org/security/2017/dsa-3952 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-9047 – libxml2: Buffer overflow in function xmlSnprintfElementContent
https://notcve.org/view.php?id=CVE-2017-9047
A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. The variable len is assigned strlen(buf). If the content->type is XML_ELEMENT_CONTENT_ELEMENT, then (i) the content->prefix is appended to buf (if it actually fits) whereupon (ii) content->name is written to the buffer. However, the check for whether the content->name actually fits also uses 'len' rather than the updated buffer length strlen(buf). • http://www.debian.org/security/2017/dsa-3952 http://www.openwall.com/lists/oss-security/2017/05/15/1 http://www.securityfocus.com/bid/98599 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://security.gentoo.org/glsa/201711-01 https://access.redhat.com/security/cve/CVE-2017-9047 https://bugzilla.redhat& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-9048 – libxml2: Stack-based buffer overflow in function xmlSnprintfElementContent
https://notcve.org/view.php?id=CVE-2017-9048
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash. En libxml2 versión 20904-GITv2.9.4-16-g0741801 es vulnerable a un desbordamiento de búfer en la región stack de la memoria. • http://www.debian.org/security/2017/dsa-3952 http://www.openwall.com/lists/oss-security/2017/05/15/1 http://www.securityfocus.com/bid/98556 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://security.gentoo.org/glsa/201711-01 https://access.redhat.com/security/cve/CVE-2017-9048 https://bugzilla.redhat& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-9049 – libxml2: Heap-based buffer over-read in function xmlDictComputeFastKey
https://notcve.org/view.php?id=CVE-2017-9049
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398. libxml2 20904-GIT versión 2.9.4-16-g0741801, es vulnerable a una lectura excesiva de búfer en la región heap de la memoria en la función xmlDictComputeFastKey en el archivo dict.c. Esta vulnerabilidad causa que los programas que utilizan libxml2, como PHP, se bloqueen. Esta vulnerabilidad se presenta debido a una corrección incompleta para libxml2 Bug 759398. • http://www.debian.org/security/2017/dsa-3952 http://www.openwall.com/lists/oss-security/2017/05/15/1 http://www.securityfocus.com/bid/98601 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://security.gentoo.org/glsa/201711-01 https://access.redhat.com/security/cve/CVE-2017-9049 https://bugzilla.redhat& • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-9050 – libxml2: Heap-based buffer over-read in function xmlDictAddString
https://notcve.org/view.php?id=CVE-2017-9050
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839. libxml2 20904-GIT versión 2.9.4-16-g0741801, es vulnerable a una lectura excesiva de búfer en la región heap de la memoria en la función xmlDictAddString en el archivo dict.c. Esta vulnerabilidad causa que los programas que utilizan libxml2, como PHP, se bloqueen. Esta vulnerabilidad se presenta debido a una corrección incompleta para CVE-2016-1839. • http://www.debian.org/security/2017/dsa-3952 http://www.openwall.com/lists/oss-security/2017/05/15/1 http://www.securityfocus.com/bid/98568 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://security.gentoo.org/glsa/201711-01 https://access.redhat.com/security/cve/CVE-2017-9050 https://bugzilla.redhat& • CWE-125: Out-of-bounds Read •