CVE-2016-4658

Published: 25 September 2016

xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
libxml2
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 LTS (Xenial Xerus)
Released (2.9.3+dfsg1-1ubuntu0.2)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (2.9.1+dfsg1-3ubuntu4.9)
Patches:
Upstream: https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b