Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Xmlsoft Libxml2 xpath.c整数溢出漏洞
Vulnerability Description
Libxml2是GNOME项目组所研发的一个基于C语言的用来解析XML文档的函数库,它支持多种编码格式、Xpath解析、Well-formed和valid验证等。 Libxml2 2.6.x至2.6.32版本和2.7.x至2.7.8版本,libxml 1.8.16及之前版本中存在整数溢出漏洞。该漏洞源于在处理XPath节点集过程中重新分配xpath.c中的内存时产生的错误,当添加新名称空间节点时,远程攻击者可借助能够触发堆缓冲区溢出的XML文件导致拒绝服务并可能执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A