Back to search
CVE-2018-20004
Published: Dec 10, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '<order type="real">' substring, as demonstrated by testmxml.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/michaelrsweet/mxml/issues/233
x_refsource_MISC
[debian-lts-announce] 20190125 [SECURITY] [DLA 1641-1] mxml security update
mailing-list
x_refsource_MLIST
FEDORA-2019-d333d01e08
vendor-advisory
x_refsource_FEDORA
FEDORA-2019-f99619e34d
vendor-advisory
x_refsource_FEDORA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now