CVE-2017-5969 in libxml2info

Summary

** DISPUTED ** libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser."

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

02/12/2017

Disclosure

04/11/2017

Moderation

VulDB entry created

Entries

VDB-99597 (1)

CPE

ready

CWE

CWE-476 (Confirmed)

CVSS

4.2

EPSS

0.02935

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-5969
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-5969
CVE Details	https://www.cvedetails.com/cve/CVE-2017-5969/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!