漏洞类别:CGI
漏洞等级: 
漏洞信息
libxml2 is prone to multiple vulnerabilities:-
1. The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. (CVE-2016-1762)
2. The xmlPArserPrintFileContextInternal function in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. (CVE-2016-1838)
3. Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 allow remote attackers to cause a denial of service via a crafted XML document. (CVE-2016-1837)
4. Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 allows remote attackers to cause a denial of service via a crafted XML document. (CVE-2016-1836)
5. Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 allows remote attackers to cause a denial of service via a crafted XML document. (CVE-2016-1835)
6. Heap-based buffer overflow in the xmlStrncat function in libxml2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document. (CVE-2016-1834)
7. The htmlCurrentChar function in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. (CVE-2016-1833)
8. The xmlNextChar function in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.(CVE-2016-1762)
9. dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character in a crafted HTML document. (CVE-2015-8806)
10. The xmlDictAddString function in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.(CVE-2016-1839)
11. Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document. (CVE-2016-1840)
12. The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML document. (CVE-2016-2073)
13. The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references. (CVE-2016-3705)
14. The xmlParseElementDecl function in parser.c in libxml2 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName. (CVE-2016-4447)
15. Format string vulnerability in libxml2 allows attackers to have unspecified impact via format string specifiers in unknown vectors. (CVE-2016-4448)
16. XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 , when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors. (CVE-2016-4449)
17. The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. (CVE-2016-4483)
Versions Affected:-
libxml2 versions prior to 2.9.4
漏洞危害
Successful exploitation allows remote attackers to cause a denial of service via an unexpected character in a crafted HTML document.
解决方案
0day
文章评论