Описание
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.9.2+zdfsg1-4ubuntu2 |
| esm-infra-legacy/trusty | released | 2.9.1+dfsg1-3ubuntu4.6 |
| precise | released | 2.7.8.dfsg-5.1ubuntu4.13 |
| trusty | released | 2.9.1+dfsg1-3ubuntu4.6 |
| trusty/esm | released | 2.9.1+dfsg1-3ubuntu4.6 |
| upstream | released | 2.9.3 |
| vivid | released | 2.9.2+dfsg1-3ubuntu0.2 |
| vivid/stable-phone-overlay | released | 2.9.2+dfsg1-3ubuntu0.2 |
| vivid/ubuntu-core | DNE | |
| wily | released | 2.9.2+zdfsg1-4ubuntu0.2 |
Показывать по
EPSS
5.8 Medium
CVSS2
Связанные уязвимости
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
The xmlSAX2TextNode function in SAX2.c in the push interface in the HT ...
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
Уязвимость библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании или получить конфиденциальную информацию
EPSS
5.8 Medium
CVSS2