[3.4] libxml2: out-of-bounds read in htmlParseNameComplex() (CVE-2016-2073)
CVE-2016-2073: out-of-bounds read in htmlParseNameComplex()
libxml2 is vulnerable to a heap-based buffer overflow, caused by an
out-of-bounds read in the htmlParseNameComplex() function.
By persuading a victim to open a specially crafted XML file, a remote
attacker could overflow a buffer and execute arbitrary code on the
system or cause the application to crash.
Currently there is no known patch available for this issue.
References:
http://www.openwall.com/lists/oss-security/2016/01/25/6
(from redmine: issue id 5440, created on 2016-04-19, closed on 2016-06-15)
- Relations:
- parent #5439 (closed)
- Changesets:
- Revision 8aa7dd81 by Natanael Copa on 2016-05-30T18:06:51Z:
main/libxml2: security upgrade to 2.9.4
Fixes:
CVE-2016-1762
CVE-2016-1833
CVE-2016-1834
CVE-2016-1835
CVE-2016-1836
CVE-2016-1837
CVE-2016-1838
CVE-2016-1839
CVE-2016-1840
CVE-2016-2073 (NOTE: same fix as CVE-2016-1839)
CVE-2016-3627
CVE-2016-3705
CVE-2016-4483
fixes #5440