CVE-2016-4447 in Apple tvOSinfo

Summary

The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.

Reservation

05/02/2016

Disclosure

06/09/2016

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
89823	Apple tvOS libxml2 memory corruption	119	Not defined	Official fix	CVE-2016-4447
89797	Apple watchOS libxml2 memory corruption	119	Not defined	Official fix	CVE-2016-4447
89753	Apple Mac OS X libxml2 memory corruption	119	Not defined	Official fix	CVE-2016-4447
89696	Apple iOS libxml2 memory corruption	119	Not defined	Official fix	CVE-2016-4447
87821	libxml2 parser.c xmlParseElementDecl memory corruption	119	Not defined	Official fix	CVE-2016-4447

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!