First published: Tue Jan 26 2016(Updated: )
An out-of-bounds read flaw was reported in libxml2's htmlParseNameComplex() function: <a href="http://seclists.org/oss-sec/2016/q1/199">http://seclists.org/oss-sec/2016/q1/199</a> A remote attacker could provide a specially crafted XML file that, when processed by an application linked against libxml2, could cause the application to disclose crash.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Xmlsoft Libxml2 | <2.9.4 | |
Debian Debian Linux | =8.0 | |
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =15.10 | |
Canonical Ubuntu Linux | =16.04 | |
debian/libxml2 | 2.9.4+dfsg1-7+deb10u4 2.9.4+dfsg1-7+deb10u6 2.9.10+dfsg-6.7+deb11u4 2.9.14+dfsg-1.3~deb12u1 2.9.14+dfsg-1.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.