CVE-2016-3705: Input Validation
First published: Tue May 03 2016(Updated: )
It is possible to trigger a stack overflow using a carefully crafted invalid xml file, the stack overflow occurs before libxml2 determines the xml file is invalid. Upstream bug: <a href="https://bugzilla.gnome.org/show_bug.cgi?id=765207">https://bugzilla.gnome.org/show_bug.cgi?id=765207</a>
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/libxml2 | <0:2.7.6-21.el6_8.1 | 0:2.7.6-21.el6_8.1 |
| redhat/libxml2 | <0:2.9.1-6.el7_2.3 | 0:2.9.1-6.el7_2.3 |
| debian/libxml2 | 2.9.4+dfsg1-7+deb10u4 2.9.4+dfsg1-7+deb10u6 2.9.10+dfsg-6.7+deb11u4 2.9.14+dfsg-1.3~deb12u1 2.9.14+dfsg-1.3 | |
| Ubuntu Linux | =12.04 | |
| Ubuntu Linux | =14.04 | |
| Ubuntu Linux | =15.10 | |
| Ubuntu Linux | =16.04 | |
| Gnome Libxml2 | =2.9.3 | |
| Debian Debian Linux | =8.0 | |
| HP IceWall Federation Agent | =3.0 | |
| HP Icewall File Manager | =3.0 | |
| openSUSE | =42.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2016-3705 https://nvd.nist.gov/vuln/detail/CVE-2016-3705
- https://bugzilla.redhat.com/show_bug.cgi?id=1332443
- https://access.redhat.com/errata/RHSA-2016:1292
- https://access.redhat.com/errata/RHSA-2016:2957
- https://access.redhat.com/security/cve/CVE-2016-3705
- https://bugzilla.gnome.org/show_bug.cgi?id=765207
- https://security-tracker.debian.org/tracker/CVE-2016-3705
- https://bugzilla.novell.com/show_bug.cgi?id=975947
- https://security-tracker.debian.org/tracker/CVE-2016-1762
- https://security-tracker.debian.org/tracker/CVE-2016-1834
- https://security-tracker.debian.org/tracker/CVE-2016-4483
- https://security-tracker.debian.org/tracker/CVE-2016-1840
- https://security-tracker.debian.org/tracker/CVE-2016-1838
- https://security-tracker.debian.org/tracker/CVE-2016-1839
- https://security-tracker.debian.org/tracker/CVE-2015-8806
- https://security-tracker.debian.org/tracker/CVE-2016-1836
- https://security-tracker.debian.org/tracker/CVE-2016-4449
- https://security-tracker.debian.org/tracker/CVE-2016-1837
- https://security-tracker.debian.org/tracker/CVE-2016-1835
- https://security-tracker.debian.org/tracker/CVE-2016-4447
- https://security-tracker.debian.org/tracker/CVE-2016-1833
- https://security-tracker.debian.org/tracker/CVE-2016-3627
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823414
- http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html
- http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html
- http://rhn.redhat.com/errata/RHSA-2016-2957.html
- http://seclists.org/fulldisclosure/2016/May/10
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.securityfocus.com/bid/89854
- http://www.ubuntu.com/usn/USN-2994-1
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://security.gentoo.org/glsa/201701-37
- https://www.debian.org/security/2016/dsa-3593
- https://www.tenable.com/security/tns-2016-18
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/8f30bdff69edac9075f4663ce3b56b0c52d48ce6
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1153279
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1153279&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1332831
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1332832
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1332833
- https://git.gnome.org/browse/libxml2/commit/?h=CVE-2016-3705&id=8f30bdff69edac9075f4663ce3b56b0c52d48ce6
- https://rhn.redhat.com/errata/RHSA-2016-2957.html
Frequently Asked Questions
What is the severity of CVE-2016-3705?
CVE-2016-3705 is classified as a high-severity vulnerability due to its potential for causing a stack overflow.
How do I fix CVE-2016-3705?
To mitigate CVE-2016-3705, update libxml2 to the recommended versions: 0:2.7.6-21.el6_8.1 for RedHat or 2.9.4+dfsg1-7+deb10u4 for Debian.
What systems are affected by CVE-2016-3705?
CVE-2016-3705 affects various versions of libxml2 across different operating systems including RedHat, Debian, and Ubuntu.
What kind of attack does CVE-2016-3705 enable?
CVE-2016-3705 allows attackers to exploit a stack overflow by using a specially crafted invalid XML file.
When was CVE-2016-3705 first reported?
CVE-2016-3705 was first reported in 2016, highlighting the vulnerabilities in libxml2.
- collector/redhat-cve
- collector/debian-bugs
- alias/CVE-2016-3705
- collector/security-tracker-debian
- agent/type
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/severity
- agent/last-modified-date
- agent/author
- agent/event
- agent/description
- agent/trending
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/redhat
- package-manager/debian
- vendor/canonical
- canonical/ubuntu linux
- version/ubuntu linux/12.04
- version/ubuntu linux/14.04
- version/ubuntu linux/15.10
- version/ubuntu linux/16.04
- vendor/xmlsoft
- canonical/gnome libxml2
- version/gnome libxml2/2.9.3
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- vendor/hp
- canonical/hp icewall federation agent
- version/hp icewall federation agent/3.0
- canonical/hp icewall file manager
- version/hp icewall file manager/3.0
- vendor/opensuse
- canonical/opensuse
- version/opensuse/42.1