Your submission was sent successfully! Close

CVE-2015-7500

Published: 26 November 2015

The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.

Priority

Medium

Status

Package Release Status
libxml2
Launchpad, Ubuntu, Debian
Upstream
Released (2.9.3)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (2.9.1+dfsg1-3ubuntu4.6)
Patches:
Upstream: https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f