Back to search
CVE-2015-8710
Published: Apr 11, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://hackerone.com/reports/57125#activity-384861
x_refsource_MISC
https://bugzilla.gnome.org/show_bug.cgi?id=746048
x_refsource_CONFIRM
DSA-3430
vendor-advisory
x_refsource_DEBIAN
[oss-security] 20150913 Re: libxml2 issue: out-of-bounds memory access when parsing an unclosed HTML comment
mailing-list
x_refsource_MLIST
RHSA-2016:1089
vendor-advisory
x_refsource_REDHAT
[oss-security] 20150419 libxml2 issue: out-of-bounds memory access when parsing an unclosed HTML comment
mailing-list
x_refsource_MLIST
79811
vdb-entry
x_refsource_BID
[oss-security] 20151231 Re: libxml2 issue: out-of-bounds memory access when parsing an unclosed HTML comment
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now