Описание
The decode_entities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service (infinite loop) via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 3.48-1ubuntu0.1 |
| devel | not-affected | 3.64-1 |
| hardy | released | 3.56-1ubuntu0.1 |
| intrepid | released | 3.56-1ubuntu2.1 |
| jaunty | released | 3.59-1ubuntu1.1 |
| karmic | released | 3.61-1ubuntu0.1 |
| upstream | released | 3.63 |
Показывать по
4.3 Medium
CVSS2
Связанные уязвимости
The decode_entities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service (infinite loop) via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character.
The decode_entities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service (infinite loop) via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character.
The decode_entities function in util.c in HTML-Parser before 3.63 allo ...
The decode_entities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service (infinite loop) via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character.
4.3 Medium
CVSS2