CVE-2015-7499: Buffer Overflow
First published: Fri Nov 13 2015(Updated: )
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| iStyle @cosme iPhone OS | <=9.2.1 | |
| Apple iOS and macOS | <=10.11.3 | |
| tvOS | <=9.1 | |
| Apple iOS, iPadOS, and watchOS | <=2.1 | |
| Ubuntu | =12.04 | |
| Ubuntu | =14.04 | |
| Ubuntu | =15.04 | |
| Ubuntu | =15.10 | |
| redhat enterprise Linux desktop | =6.0 | |
| Red Hat Enterprise Linux HPC Node | =6.0 | |
| redhat enterprise Linux server | =6.0 | |
| redhat enterprise Linux workstation | =6.0 | |
| HP IceWall Federation Agent | =3.0 | |
| HP Icewall File Manager | =3.0 | |
| libxml2 | <=2.9.2 | |
| Debian | =7.0 | |
| Debian | =8.0 | |
| openSUSE | =42.1 | |
| openSUSE | =13.1 | |
| openSUSE | =13.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
- http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html
- http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html
- http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
- http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html
- http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html
- http://marc.info/?l=bugtraq&m=145382616617563&w=2
- http://rhn.redhat.com/errata/RHSA-2015-2549.html
- http://rhn.redhat.com/errata/RHSA-2015-2550.html
- http://rhn.redhat.com/errata/RHSA-2016-1089.html
- http://www.debian.org/security/2015/dsa-3430
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.securityfocus.com/bid/79509
- http://www.securitytracker.com/id/1034243
- http://www.ubuntu.com/usn/USN-2834-1
- http://xmlsoft.org/news.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1281925
- https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc
- https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172
- https://security.gentoo.org/glsa/201701-37
- https://support.apple.com/HT206166
- https://support.apple.com/HT206167
- https://support.apple.com/HT206168
- https://support.apple.com/HT206169
- https://bugzilla.gnome.org/show_bug.cgi?id=756479
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1093836&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1093836&action=edit
- https://rhn.redhat.com/errata/RHSA-2015-2549.html
- https://rhn.redhat.com/errata/RHSA-2015-2550.html
- https://rhn.redhat.com/errata/RHSA-2016-1089.html
Frequently Asked Questions
What is the severity of CVE-2015-7499?
CVE-2015-7499 is classified as a high severity vulnerability due to its potential to allow attackers to read sensitive process memory information.
How do I fix CVE-2015-7499?
To fix CVE-2015-7499, upgrade libxml2 to version 2.9.3 or later.
What systems are affected by CVE-2015-7499?
CVE-2015-7499 affects various systems including Apple iPhone OS, Mac OS X, tvOS, watchOS, multiple versions of Ubuntu, Red Hat Enterprise Linux, and certain HP software products.
What type of vulnerability is CVE-2015-7499?
CVE-2015-7499 is a heap-based buffer overflow vulnerability.
Can CVE-2015-7499 be exploited remotely?
Yes, CVE-2015-7499 can be exploited by context-dependent attackers through unspecified vectors.
- agent/type
- agent/remedy
- agent/first-publish-date
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2015-7499
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/apple
- canonical/istyle @cosme iphone os
- version/istyle @cosme iphone os/9.2.1
- canonical/apple ios and macos
- version/apple ios and macos/10.11.3
- canonical/tvos
- version/tvos/9.1
- canonical/apple ios, ipados, and watchos
- version/apple ios, ipados, and watchos/2.1
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/12.04
- version/ubuntu/14.04
- version/ubuntu/15.04
- version/ubuntu/15.10
- vendor/redhat
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/6.0
- canonical/red hat enterprise linux hpc node
- version/red hat enterprise linux hpc node/6.0
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/6.0
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/6.0
- vendor/hp
- canonical/hp icewall federation agent
- version/hp icewall federation agent/3.0
- canonical/hp icewall file manager
- version/hp icewall file manager/3.0
- vendor/xmlsoft
- canonical/libxml2
- version/libxml2/2.9.2
- vendor/debian
- canonical/debian
- version/debian/7.0
- version/debian/8.0
- vendor/opensuse
- canonical/opensuse
- version/opensuse/42.1
- version/opensuse/13.1
- version/opensuse/13.2