expat: Out-of-bounds heap read on crafted input causing crash (CVE-2016-0718)
The Expat XML parser mishandles certain kinds of malformed input
documents, resulting in buffer overflows during processing and error
reporting.
The overflows can manifest as a segmentation fault or as memory
corruption during a parse operation. The bugs allow for a denial of
service attack in many applications by an unauthenticated attacker,
and could conceivably result in remote code execution.
Versions Affected: All Expat XML Parser library versions
References:
http://seclists.org/oss-sec/2016/q2/360
Patch:
http://seclists.org/oss-sec/2016/q2/att-360/CVE-2016-0718-v2-2-1.patch
(from redmine: issue id 5595, created on 2016-05-19, closed on 2016-06-23)
- Relations:
- child #5596 (closed)
- child #5597 (closed)
- child #5598 (closed)
- child #5599 (closed)
- child #5600 (closed)