The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2016/05/09/16 | Mailing List Third Party Advisory |
http://www.openwall.com/lists/oss-security/2016/05/11/14 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/90315 | Third Party Advisory VDB Entry |
https://bugzilla.redhat.com/show_bug.cgi?id=1334648 | Issue Tracking Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2019/01/msg00018.html | Third Party Advisory |
Configurations
History
16 Jun 2021, 16:28
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:msweet:mini-xml:*:*:*:*:*:*:*:* |
cpe:2.3:a:mini-xml_project:mini-xml:2.9:*:*:*:*:*:*:* cpe:2.3:a:mini-xml_project:mini-xml:*:*:*:*:*:*:*:* |
CWE | CWE-400 |
Information
Published : 2017-02-03 15:59
Updated : 2024-02-04 19:11
NVD link : CVE-2016-4570
Mitre link : CVE-2016-4570
CVE.ORG link : CVE-2016-4570
JSON object : View
Products Affected
debian
- debian_linux
mini-xml_project
- mini-xml
CWE
CWE-400
Uncontrolled Resource Consumption