Your submission was sent successfully! Close

CVE-2015-8806

Published: 13 April 2016

dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the "<!DOCTYPE html" substring in a crafted HTML document.

Priority

Low

CVSS 3 base score: 7.5

Status

Package Release Status
libxml2
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 ESM (Xenial Xerus)
Released (2.9.3+dfsg1-1ubuntu0.1)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (2.9.1+dfsg1-3ubuntu4.8)