Errata ALT-PU-2017-1240-1: Information
Fixes
Published: Feb. 12, 2016
BDU:2016-00572
Уязвимость библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.3)
Links:
Published: March 24, 2016
BDU:2016-00846
Уязвимость браузера Safari, операционных систем Mac OS X и iOS, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: CRITICAL (10.0)
Links:
Published: May 20, 2016
BDU:2016-01376
Уязвимость операционных систем iOS и Mac OS X, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: HIGH (7.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Links:
Published: May 20, 2016
BDU:2016-01377
Уязвимость операционных систем iOS и Mac OS X, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: HIGH (7.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Links:
Published: May 20, 2016
BDU:2016-01378
Уязвимость операционных систем iOS и Mac OS X, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: HIGH (7.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Links:
Published: May 20, 2016
BDU:2016-01379
Уязвимость операционных систем iOS и Mac OS X, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: HIGH (7.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Links:
Published: May 20, 2016
BDU:2016-01380
Уязвимость операционных систем iOS и Mac OS X, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: HIGH (7.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Links:
Published: May 20, 2016
BDU:2016-01381
Уязвимость операционных систем iOS и Mac OS X, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: HIGH (7.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Links:
Published: May 20, 2016
BDU:2016-01382
Уязвимость операционных систем iOS и Mac OS X, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: HIGH (7.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Links:
Published: May 20, 2016
BDU:2016-01383
Уязвимость операционных систем iOS и Mac OS X, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: HIGH (7.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Links:
Published: April 13, 2016
BDU:2016-01650
Уязвимость библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.0)
Links:
Published: Nov. 5, 2017
BDU:2018-00090
Уязвимость макроса NEXTL парсера xml-файлов (parser.c) библиотеки libxml2, позволяющая нарушителю внедрить XML-сущности
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: May 17, 2016
BDU:2018-01270
Уязвимость функций xmlParserEntityCheck и xmlParseAttValueComplex библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: May 17, 2016
BDU:2018-01271
Уязвимость функции xmlStringGetNodeList библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: June 9, 2016
BDU:2018-01272
Уязвимость функции xmlStringLenDecodeEntities (parser.c) библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании или раскрыть защищаемую информацию
Severity: HIGH (7.3) Vector: AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Links:
Published: April 17, 2017
BDU:2019-00235
Уязвимость компонента xmlParsePEReference библиотеки для работы с XML и HTML файлами libxml2, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 25, 2016
BDU:2021-03125
Уязвимость библиотеки libxml2 операционных систем iPhoneOS, tvOS, watchOS, macOS, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 4, 2017
BDU:2023-00219
Уязвимость компонента parser.c библиотеки Libxml2, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 13, 2016
Modified: Sept. 11, 2020
Modified: Sept. 11, 2020
CVE-2015-8806
dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the "<!DOCTYPE html" substring in a crafted HTML document.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 24, 2016
Modified: March 26, 2019
Modified: March 26, 2019
CVE-2016-1762
The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
Severity: HIGH (8.1) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Links:
- https://support.apple.com/HT206166
- APPLE-SA-2016-03-21-3
- APPLE-SA-2016-03-21-6
- https://support.apple.com/HT206169
- https://support.apple.com/HT206171
- APPLE-SA-2016-03-21-1
- https://support.apple.com/HT206168
- https://support.apple.com/HT206167
- APPLE-SA-2016-03-21-2
- APPLE-SA-2016-03-21-5
- DSA-3593
- USN-2994-1
- RHSA-2016:1292
- https://git.gnome.org/browse/libxml2/commit/?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602
- https://bugzilla.gnome.org/show_bug.cgi?id=759671
- http://xmlsoft.org/news.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- 85059
- 1035353
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- RHSA-2016:2957
Published: May 20, 2016
Modified: March 25, 2019
Modified: March 25, 2019
CVE-2016-1833
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
- https://support.apple.com/HT206566
- APPLE-SA-2016-05-16-3
- https://support.apple.com/HT206567
- https://support.apple.com/HT206568
- https://support.apple.com/HT206564
- APPLE-SA-2016-05-16-1
- APPLE-SA-2016-05-16-2
- APPLE-SA-2016-05-16-4
- DSA-3593
- USN-2994-1
- RHSA-2016:1292
- https://bugs.chromium.org/p/project-zero/issues/detail?id=636
- https://git.gnome.org/browse/libxml2/commit/?id=0bcd05c5cd83dec3406c8f68b769b1d610c72f76
- https://bugzilla.gnome.org/show_bug.cgi?id=758606
- http://xmlsoft.org/news.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- 1035890
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://www.tenable.com/security/tns-2016-18
- 90691
- RHSA-2016:2957
Published: May 20, 2016
Modified: March 25, 2019
Modified: March 25, 2019
CVE-2016-1834
Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
- https://support.apple.com/HT206566
- APPLE-SA-2016-05-16-3
- https://support.apple.com/HT206567
- https://support.apple.com/HT206568
- https://support.apple.com/HT206564
- APPLE-SA-2016-05-16-1
- APPLE-SA-2016-05-16-2
- APPLE-SA-2016-05-16-4
- DSA-3593
- USN-2994-1
- RHSA-2016:1292
- https://bugzilla.gnome.org/show_bug.cgi?id=763071
- https://git.gnome.org/browse/libxml2/commit/?id=8fbbf5513d609c1770b391b99e33314cd0742704
- http://xmlsoft.org/news.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- 1035890
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://www.tenable.com/security/tns-2016-18
- 90691
- RHSA-2016:2957
Published: May 20, 2016
Modified: Jan. 5, 2018
Modified: Jan. 5, 2018
CVE-2016-1835
Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document.
Severity: HIGH (8.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
- https://support.apple.com/HT206567
- https://support.apple.com/HT206568
- APPLE-SA-2016-05-16-2
- APPLE-SA-2016-05-16-4
- DSA-3593
- USN-2994-1
- RHSA-2016:1292
- https://git.gnome.org/browse/libxml2/commit/?id=38eae571111db3b43ffdeb05487c9f60551906fb
- https://bugzilla.gnome.org/show_bug.cgi?id=759020
- http://xmlsoft.org/news.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- 90696
- 1035890
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://www.tenable.com/security/tns-2016-18
- RHSA-2016:2957
Published: May 20, 2016
Modified: March 25, 2019
Modified: March 25, 2019
CVE-2016-1836
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via a crafted XML document.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
- https://support.apple.com/HT206566
- APPLE-SA-2016-05-16-3
- https://support.apple.com/HT206567
- https://support.apple.com/HT206568
- https://support.apple.com/HT206564
- APPLE-SA-2016-05-16-1
- APPLE-SA-2016-05-16-2
- APPLE-SA-2016-05-16-4
- DSA-3593
- USN-2994-1
- RHSA-2016:1292
- APPLE-SA-2016-07-18-4
- APPLE-SA-2016-07-18-1
- https://support.apple.com/HT206904
- https://support.apple.com/HT206899
- https://support.apple.com/HT206902
- APPLE-SA-2016-07-18-2
- APPLE-SA-2016-07-18-6
- https://support.apple.com/HT206905
- https://support.apple.com/HT206903
- APPLE-SA-2016-07-18-3
- https://support.apple.com/HT206901
- https://bugzilla.gnome.org/show_bug.cgi?id=759398
- https://git.gnome.org/browse/libxml2/commit/?id=45752d2c334b50016666d8f0ec3691e2d680f0a0
- http://xmlsoft.org/news.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- 1035890
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://www.tenable.com/security/tns-2016-18
- GLSA-201701-37
- 90691
- RHSA-2016:2957
Published: May 20, 2016
Modified: March 25, 2019
Modified: March 25, 2019
CVE-2016-1837
Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote attackers to cause a denial of service via a crafted XML document.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
- https://support.apple.com/HT206566
- APPLE-SA-2016-05-16-3
- https://support.apple.com/HT206567
- https://support.apple.com/HT206568
- https://support.apple.com/HT206564
- APPLE-SA-2016-05-16-1
- APPLE-SA-2016-05-16-2
- APPLE-SA-2016-05-16-4
- DSA-3593
- USN-2994-1
- RHSA-2016:1292
- https://git.gnome.org/browse/libxml2/commit/?id=11ed4a7a90d5ce156a18980a4ad4e53e77384852
- https://bugzilla.gnome.org/show_bug.cgi?id=760263
- http://xmlsoft.org/news.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- 1035890
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://www.tenable.com/security/tns-2016-18
- 90691
- RHSA-2016:2957
Published: May 20, 2016
Modified: March 25, 2019
Modified: March 25, 2019
CVE-2016-1838
The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
- https://support.apple.com/HT206566
- APPLE-SA-2016-05-16-3
- https://support.apple.com/HT206567
- https://support.apple.com/HT206568
- https://support.apple.com/HT206564
- APPLE-SA-2016-05-16-1
- APPLE-SA-2016-05-16-2
- APPLE-SA-2016-05-16-4
- DSA-3593
- USN-2994-1
- RHSA-2016:1292
- https://git.gnome.org/browse/libxml2/commit/?id=db07dd613e461df93dde7902c6505629bf0734e9
- https://bugs.chromium.org/p/project-zero/issues/detail?id=639
- https://bugzilla.gnome.org/show_bug.cgi?id=758588
- http://xmlsoft.org/news.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- 1035890
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://www.tenable.com/security/tns-2016-18
- GLSA-201701-37
- 90691
- RHSA-2016:2957
Published: May 20, 2016
Modified: March 25, 2019
Modified: March 25, 2019
CVE-2016-1839
The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
- https://support.apple.com/HT206566
- APPLE-SA-2016-05-16-3
- https://support.apple.com/HT206567
- https://support.apple.com/HT206568
- https://support.apple.com/HT206564
- APPLE-SA-2016-05-16-1
- APPLE-SA-2016-05-16-2
- APPLE-SA-2016-05-16-4
- DSA-3593
- USN-2994-1
- RHSA-2016:1292
- https://git.gnome.org/browse/libxml2/commit/?id=a820dbeac29d330bae4be05d9ecd939ad6b4aa33
- https://bugzilla.gnome.org/show_bug.cgi?id=758605
- http://xmlsoft.org/news.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- 1035890
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://www.tenable.com/security/tns-2016-18
- GLSA-201701-37
- 1038623
- 90691
- RHSA-2016:2957
Published: May 20, 2016
Modified: March 25, 2019
Modified: March 25, 2019
CVE-2016-1840
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
- https://support.apple.com/HT206566
- APPLE-SA-2016-05-16-3
- https://support.apple.com/HT206567
- https://support.apple.com/HT206568
- https://support.apple.com/HT206564
- APPLE-SA-2016-05-16-1
- APPLE-SA-2016-05-16-2
- APPLE-SA-2016-05-16-4
- DSA-3593
- USN-2994-1
- RHSA-2016:1292
- https://bugzilla.gnome.org/show_bug.cgi?id=757711
- https://git.gnome.org/browse/libxml2/commit/?id=cbb271655cadeb8dbb258a64701d9a3a0c4835b4
- http://xmlsoft.org/news.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- 1035890
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://www.tenable.com/security/tns-2016-18
- GLSA-201701-37
- 90691
- RHSA-2016:2957
Published: Feb. 12, 2016
Modified: April 23, 2020
Modified: April 23, 2020
CVE-2016-2073
The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML document.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
- [oss-security] 20160125 Out-of-bounds Read in the libxml2's htmlParseNameComplex() function
- [oss-security] 20160126 Re: Out-of-bounds Read in the libxml2's htmlParseNameComplex() function
- DSA-3593
- USN-2994-1
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- 1035011
- 85267
- GLSA-201701-37
Published: May 17, 2016
Modified: Feb. 10, 2024
Modified: Feb. 10, 2024
CVE-2016-3627
The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- [oss-security] 20160321 Re: CVE request: Stack exhaustion in libxml2 parsing xml files in recover mode
- openSUSE-SU-2016:1298
- 20160503 CVE-2016-3627 CVE-2016-3705: libxml2: stack overflow in xml validator (parser)
- [oss-security] 20160321 CVE request: Stack exhaustion in libxml2 parsing xml files in recover mode
- DSA-3593
- USN-2994-1
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239
- RHSA-2016:1292
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- 84992
- openSUSE-SU-2016:1446
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://www.tenable.com/security/tns-2016-18
- GLSA-201701-37
- 1035335
- RHSA-2016:2957
Published: May 17, 2016
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2016-3705
The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.
Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- openSUSE-SU-2016:1298
- 20160503 CVE-2016-3627 CVE-2016-3705: libxml2: stack overflow in xml validator (parser)
- https://bugzilla.gnome.org/show_bug.cgi?id=765207
- DSA-3593
- USN-2994-1
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239
- RHSA-2016:1292
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- 89854
- openSUSE-SU-2016:1446
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://www.tenable.com/security/tns-2016-18
- GLSA-201701-37
- RHSA-2016:2957
Published: June 9, 2016
Modified: Jan. 18, 2018
Modified: Jan. 18, 2018
CVE-2016-4449
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.
Severity: HIGH (7.1) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Links:
- DSA-3593
- USN-2994-1
- [oss-security] 20160525 3 libxml2 issues
- http://xmlsoft.org/news.html
- https://git.gnome.org/browse/libxml2/commit/?id=b1d34de46a11323fccffa9fadeb33be670d602f5
- SSA:2016-148-01
- RHSA-2016:1292
- APPLE-SA-2016-07-18-4
- APPLE-SA-2016-07-18-1
- https://support.apple.com/HT206904
- https://support.apple.com/HT206899
- https://support.apple.com/HT206902
- APPLE-SA-2016-07-18-2
- APPLE-SA-2016-07-18-6
- https://support.apple.com/HT206905
- https://support.apple.com/HT206903
- APPLE-SA-2016-07-18-3
- https://support.apple.com/HT206901
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- 90865
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://www.tenable.com/security/tns-2016-18
- https://support.cybozu.com/ja-jp/article/9735
- JVNDB-2017-000066
- JVN#17535578
- 1036348
- RHSA-2016:2957
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
Published: April 11, 2017
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2016-4483
The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.gnome.org/browse/libxml2/commit/?id=c97750d11bb8b6f3303e7131fe526a61ac65bcfd
- [oss-security] 20160607 Re: Please reject duplicate CVE for libxml2
- [oss-security] 20160607 Please reject duplicate CVE for libxml2
- [oss-security] 20160504 Re: CVE request: out-of-bounds read parsing an XML in libxml2 using recover mode
- [oss-security] 20160503 CVE request: out-of-bounds read parsing an XML in libxml2 using recover mode
- DSA-3593
- 90013
- https://www.tenable.com/security/tns-2016-18
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- GLSA-201701-37
- 1036348
- RHSA-2016:2957
- [bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
- [bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
Published: Sept. 25, 2016
Modified: March 13, 2019
Modified: March 13, 2019
CVE-2016-4658
xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.
Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- APPLE-SA-2016-09-20-3
- https://support.apple.com/HT207170
- https://support.apple.com/HT207143
- APPLE-SA-2016-09-20-5
- https://support.apple.com/HT207141
- https://support.apple.com/HT207142
- APPLE-SA-2016-09-20-6
- APPLE-SA-2016-09-20
- 93054
- GLSA-201701-37
- 1038623
- 1036858
- https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b
Published: July 23, 2016
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2016-5131
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
Severity: HIGH (8.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
- https://bugzilla.redhat.com/show_bug.cgi?id=1358641
- https://support.apple.com/HT207141
- https://crbug.com/623378
- openSUSE-SU-2016:1868
- openSUSE-SU-2016:1869
- APPLE-SA-2016-09-20
- APPLE-SA-2016-09-20-3
- 92053
- http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html
- APPLE-SA-2016-09-20-5
- USN-3041-1
- openSUSE-SU-2016:1918
- https://source.android.com/security/bulletin/2017-05-01
- https://codereview.chromium.org/2127493002
- APPLE-SA-2016-09-20-6
- https://support.apple.com/HT207170
- GLSA-201610-09
- GLSA-201701-37
- openSUSE-SU-2016:1865
- https://support.apple.com/HT207142
- https://support.apple.com/HT207143
- RHSA-2016:1485
- 1038623
- 1036428
- DSA-3637
Published: Aug. 16, 2018
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2016-9596
libxml2, as used in Red Hat JBoss Core Services and when in recovery mode, allows context-dependent attackers to cause a denial of service (stack consumption) via a crafted XML document. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-3627.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Aug. 16, 2018
Modified: Nov. 16, 2020
Modified: Nov. 16, 2020
CVE-2016-9598
libxml2, as used in Red Hat JBoss Core Services, allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted XML document. NOTE: this vulnerability exists because of a missing fix for CVE-2016-4483.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Nov. 24, 2017
Modified: July 21, 2021
Modified: July 21, 2021
CVE-2017-16931
parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.
Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Nov. 24, 2017
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2017-16932
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961
- https://bugzilla.gnome.org/show_bug.cgi?id=759579
- http://xmlsoft.org/news.html
- [debian-lts-announce] 20171130 [SECURITY] [DLA 1194-1] libxml2 security update
- https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html
- USN-3739-1
- [debian-lts-announce] 20220408 [SECURITY] [DLA 2972-1] libxml2 security update
- [bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
- [bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
Published: Feb. 19, 2018
Modified: March 18, 2018
Modified: March 18, 2018
CVE-2017-7375
A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and expose content from local files, HTTP, or FTP servers (which might be otherwise unreachable).
Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://source.android.com/security/bulletin/2017-06-01
- https://git.gnome.org/browse/libxml2/commit/?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e
- https://bugzilla.redhat.com/show_bug.cgi?id=1462203
- https://android.googlesource.com/platform/external/libxml2/+/308396a55280f69ad4112d4f9892f4cbeff042aa
- DSA-3952
- GLSA-201711-01
- 1038623
- 98877