Back to search
CVE-2015-7995
Published: Nov 17, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
DSA-3605
vendor-advisory
x_refsource_DEBIAN
https://support.apple.com/HT206168
x_refsource_CONFIRM
https://support.apple.com/HT205731
x_refsource_CONFIRM
https://support.apple.com/HT205729
x_refsource_CONFIRM
[oss-security] 20151027 CVE request: libxslt xsltStylePreCompute() type confusion DoS
mailing-list
x_refsource_MLIST
[oss-security] 20151028 Re: CVE request: libxslt xsltStylePreCompute() type confusion DoS
mailing-list
x_refsource_MLIST
APPLE-SA-2016-01-25-1
vendor-advisory
x_refsource_APPLE
1034736
vdb-entry
x_refsource_SECTRACK
APPLE-SA-2016-01-19-2
vendor-advisory
x_refsource_APPLE
APPLE-SA-2016-03-21-2
vendor-advisory
x_refsource_APPLE
https://puppet.com/security/cve/cve-2015-7995
x_refsource_CONFIRM
APPLE-SA-2016-01-19-1
vendor-advisory
x_refsource_APPLE
77325
vdb-entry
x_refsource_BID
openSUSE-SU-2016:1439
vendor-advisory
x_refsource_SUSE
SSA:2016-148-02
vendor-advisory
x_refsource_SLACKWARE
https://support.apple.com/HT205732
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=1257962
x_refsource_CONFIRM
1038623
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now