CVE-2016-9597
HIGHUbuntu Linux - Denial of Service via Stack Overflow in libxml2
Title source: llmDescription
It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/98567
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9597
Scores
CVSS v3
7.5
EPSS
0.0115
EPSS Percentile
78.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-119
CWE-674
Status
published
Products (9)
canonical/ubuntu_linux
12.04
canonical/ubuntu_linux
14.04
canonical/ubuntu_linux
15.10
canonical/ubuntu_linux
16.04
debian/debian_linux
8.0
hp/icewall_federation_agent
3.0
hp/icewall_file_manager
3.0
opensuse/leap
42.1
xmlsoft/libxml2
2.9.3
Published
Jul 30, 2018
Tracked Since
Feb 18, 2026