oss-sec mailing list archives

Re: Buffer overflow in libxml2


From: cve-assign () mitre org
Date: Wed, 18 Nov 2015 11:30:42 -0500 (EST)

Please assign CVE for below vulnerability

There were two buffer over-read issues reported at different times; we
are assigning two CVE IDs.

https://bugzilla.gnome.org/show_bug.cgi?id=756263
Reported: 2015-10-08 21:12 UTC by Hugh Davenport

Buffer overead with XML parser in xmlNextChar

AddressSanitizer: global-buffer-overflow ... READ of size 1

there is potential to get input that could cause out of bounds memory
to be returned to userspace through the use of libxml2, which could be
used to cause denial of service attacks, or gain sensitive
information.

https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe

Use CVE-2015-8241.


https://bugzilla.gnome.org/show_bug.cgi?id=756372
Reported: 2015-10-11 03:18 UTC by Hugh Davenport 

Buffer overead with HTML parser in push mode in xmlSAX2TextNode

AddressSanitizer: stack-buffer-overflow ... READ of size 1

there is potential to get input that could cause out of bounds memory
to be returned to userspace through the use of libxml2, which could be
used to cause denial of service attacks, or gain sensitive
information.

(apparently https://git.gnome.org/browse/libxml2/log/HTMLparser.c
does not yet have a commit)

Use CVE-2015-8242.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]

