CVE-2016-9318

MEDIUM

libxml2 < 2.9.4 - XXE

Title source: llm

Description

libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.

Scores

CVSS v3 5.5
EPSS 0.0013
EPSS Percentile 32.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Classification

CWE
CWE-611
Status published

Affected Products (6)

xmlsoft/libxml2 < 2.9.4
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
n/a/n/a

Timeline

Published Nov 16, 2016
Tracked Since Feb 18, 2026