Bugs fixes in "libxml2"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2016-4448 | Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors. | 2017-03-16 |
| Launchpad | 1652325 | Libxml2 2.9.3 fails to parse multi-byte character in large CDATA section that is split across buffer | 2017-03-16 |
| CVE | CVE-2016-3705 | The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth | 2016-06-06 |
| CVE | CVE-2016-3627 | The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a d | 2016-06-06 |
| CVE | CVE-2016-1840 | libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbi | 2016-06-06 |
| CVE | CVE-2016-2073 | The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML doc | 2016-06-06 |
| CVE | CVE-2015-8806 | dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected characte | 2016-06-06 |
| CVE | CVE-2016-1839 | libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbi | 2016-06-06 |
| CVE | CVE-2016-1838 | libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbi | 2016-06-06 |
| CVE | CVE-2016-1837 | libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbi | 2016-06-06 |
| CVE | CVE-2016-1836 | libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbi | 2016-06-06 |
| CVE | CVE-2016-1835 | libxml2, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to execute arbitrary code or cause a denial of service (m | 2016-06-06 |
| CVE | CVE-2016-1834 | libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbi | 2016-06-06 |
| CVE | CVE-2016-1833 | libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbi | 2016-06-06 |
| CVE | CVE-2016-1762 | libxml2 in Apple iOS before 9.3, OS X before 10.11.4, Safari before 9.1, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute a | 2016-06-06 |
| CVE | CVE-2016-3705 | The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth | 2016-06-06 |
| CVE | CVE-2016-3627 | The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a d | 2016-06-06 |
| CVE | CVE-2016-1840 | libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbi | 2016-06-06 |
| CVE | CVE-2016-2073 | The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML doc | 2016-06-06 |
| CVE | CVE-2015-8806 | dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected characte | 2016-06-06 |
About
-
Send Feedback to @ubuntu_updates
