CVE-2016-4483 in tvOSinfo

Summary

The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

05/04/2016

Disclosure

04/11/2017

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
89825Apple tvOS libxml2 out-of-bounds125Not definedOfficial fixCVE-2016-4483
89799Apple watchOS libxml2 out-of-bounds125Not definedOfficial fixCVE-2016-4483
89755Apple Mac OS X libxml2 out-of-bounds125Not definedOfficial fixCVE-2016-4483
89698Apple iOS libxml2 out-of-bounds125Not definedOfficial fixCVE-2016-4483

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!