QwikSec

Security Database

CVE

CWE

Training

CVE-2015-8317

Published: Dec 15, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

openSUSE-SU-2016:0106

vendor-advisory

x_refsource_SUSE

https://bugzilla.redhat.com/show_bug.cgi?id=1281930

x_refsource_CONFIRM

vendor-advisory

x_refsource_DEBIAN

APPLE-SA-2016-07-18-4

vendor-advisory

x_refsource_APPLE

APPLE-SA-2016-07-18-3

vendor-advisory

x_refsource_APPLE

APPLE-SA-2016-07-18-2

vendor-advisory

x_refsource_APPLE

https://support.apple.com/HT206901

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

https://bugzilla.gnome.org/show_bug.cgi?id=751603

x_refsource_CONFIRM

https://git.gnome.org/browse/libxml2/commit/?id=9aa37588ee78a06ca1379a9d9356eab16686099c

x_refsource_CONFIRM

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_UBUNTU

APPLE-SA-2016-07-18-1

vendor-advisory

x_refsource_APPLE

APPLE-SA-2016-07-18-6

vendor-advisory

x_refsource_APPLE

vdb-entry

x_refsource_SECTRACK

vendor-advisory

x_refsource_REDHAT

https://blog.fuzzing-project.org/28-Libxml2-Several-out-of-bounds-reads.html

x_refsource_MISC

vendor-advisory

x_refsource_HP

https://git.gnome.org/browse/libxml2/commit/?id=709a952110e98621c9b78c4f26462a9d8333102e

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

[oss-security] 20151122 Re: Libxml2: Several out of bounds reads

mailing-list

x_refsource_MLIST

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172

x_refsource_CONFIRM

http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

x_refsource_CONFIRM

[oss-security] 20151121 Libxml2: Several out of bounds reads

mailing-list

x_refsource_MLIST

openSUSE-SU-2015:2372

vendor-advisory

x_refsource_SUSE

https://support.apple.com/HT206905

x_refsource_CONFIRM

https://support.apple.com/HT206903

x_refsource_CONFIRM

https://bugzilla.gnome.org/show_bug.cgi?id=751631

x_refsource_CONFIRM

https://support.apple.com/HT206902

x_refsource_CONFIRM

https://support.apple.com/HT206904

x_refsource_CONFIRM

https://support.apple.com/HT206899

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.