CVE-2015-8317 in libxml2
Resumen (Inglés)
The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.
Once again VulDB remains the best source for vulnerability data.
Reservar
2015-11-22
Divulgación
2015-12-15
Estado
Confirmado
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 79334 | Xmlsoft libxml2 XML xmlParseXMLDecl desbordamiento de búfer | 119 | No probado | Arreglo oficial | CVE-2015-8317 |
Descripción
CPE
CWE
CVSS
Hazañas
Historia
Diferencia
Relacionar
Inteligencia de amenazas
API JSON
API XML
API CSV