CVE-2015-5523
Debian Security Advisory 3309-1
Description
The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which triggers a large memory allocation.
Fernando Munoz discovered that HTML Tidy incorrectly handled memory. If a user or automated system were tricked into processing specially crafted data, applications linked against HTML Tidy could be made to crash, leading to a denial of service, or possibly execute arbitrary code.
Timeline
- 2015-07-14 CVE Reserved
- 2015-07-20 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- 2025-03-30 EPSS Updated
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
References (14)
URL | Tag | Source
---|---|---
http://www.openwall.com/lists/oss-security/2015/07/15/3 | Mailing List |
http://www.securityfocus.com/bid/75037 | Vdb Entry |
http://www.securitytracker.com/id/1033703 | Vdb Entry |
https://support.apple.com/HT205212 | Third Party Advisory |
https://support.apple.com/HT205213 | Third Party Advisory |
https://support.apple.com/HT205267 | Third Party Advisory |

URL | Date | SRC
---|---|---
http://www.openwall.com/lists/oss-security/2015/06/04/2 | 2024-08-06 |
http://www.openwall.com/lists/oss-security/2015/07/13/7 | 2024-08-06 |
https://github.com/htacg/tidy-html5/issues/217#issuecomment-108565501 | 2024-08-06 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Canonical | Ubuntu Linux | 12.04 | lts | Affected
Canonical | Ubuntu Linux | 14.04 | lts | Affected
Canonical | Ubuntu Linux | 15.04 | - | Affected
Debian | Debian Linux | 7.0 | - | Affected
Debian | Debian Linux | 8.0 | - | Affected
Apple | Iphone Os | <= 8.2 | - | Affected
Apple | Mac Os X | <= 10.6.8 | - | Affected
Apple | Watchos | <= 1.0.1 | - | Affected
Htacg | Tidy | <= 4.9.30 | - | Affected