Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Libxml2 拒绝服务漏洞
Vulnerability Description
Libxml2是GNOME项目组所研发的一个基于C语言的用来解析XML文档的函数库,它支持多种编码格式、Xpath解析、Well-formed和valid验证等。 Libxml2 2.9.2版本中存在安全漏洞,该漏洞源于程序没有正确停止解析无效的输入。攻击者可借助parser.c文件中的‘xmlParseEntityDecl’或‘xmlParseConditionalSections’函数的特制的XML数据,利用该漏洞造成拒绝服务(越边界读取和Libxml2崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A