Уязвимость CVE-2016-3705

Пакет	Статус	Версия исправления	Релиз	Тип
libxml2	fixed	2.9.3+dfsg1-1.1		package

CVE-2016-3705

CVSS3: 7.5

ubuntu

больше 9 лет назад

The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.

CVE-2016-3705

redhat

почти 10 лет назад

The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.

CVE-2016-3705

CVSS3: 7.5

nvd

больше 9 лет назад

The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.

GHSA-r6qj-ff26-p4v7

CVSS3: 7.5

github

больше 3 лет назад

The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.

BDU:2018-01270

CVSS3: 7.5

fstec

больше 9 лет назад

Уязвимость функций xmlParserEntityCheck и xmlParseAttValueComplex библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании

exploitDog

CVE-2016-3705

Описание

Пакеты

Примечания

Связанные уязвимости