Description
The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.
References (32)
Core 32
Core References
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html
Exploit, Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1281930
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2015/dsa-3430
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT206901
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2016-1089.html
Issue Tracking x_refsource_confirm
https://bugzilla.gnome.org/show_bug.cgi?id=751603
Patch x_refsource_confirm
https://git.gnome.org/browse/libxml2/commit/?id=9aa37588ee78a06ca1379a9d9356eab16686099c
Vendor Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/91826
Third Party Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2834-1
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1034243
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-2549.html
Various Sources x_refsource_misc
https://blog.fuzzing-project.org/28-Libxml2-Several-out-of-bounds-reads.html
Third Party Advisory vendor-advisory
x_refsource_hp
http://marc.info/?l=bugtraq&m=145382616617563&w=2
Patch x_refsource_confirm
https://git.gnome.org/browse/libxml2/commit/?id=709a952110e98621c9b78c4f26462a9d8333102e
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/77681
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/11/22/3
Third Party Advisory x_refsource_confirm
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172
Vendor Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/11/21/1
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT206903
Exploit, Issue Tracking x_refsource_confirm
https://bugzilla.gnome.org/show_bug.cgi?id=751631
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT206902
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT206904
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT206899
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT206905
Scores
EPSS
0.0049
EPSS Percentile
65.5%
Details
CWE
CWE-119
Status
published
Products (13)
canonical/ubuntu_linux
12.04
canonical/ubuntu_linux
14.04
canonical/ubuntu_linux
15.04
canonical/ubuntu_linux
15.10
debian/debian_linux
7.0
debian/debian_linux
8.0
hp/icewall_federation_agent
3.0
hp/icewall_file_manager
3.0
redhat/enterprise_linux_desktop
6.0
redhat/enterprise_linux_hpc_node
6.0
... and 3 more
Published
Dec 15, 2015
Tracked Since
Feb 18, 2026