Date: Wed, 17 Apr 2013 14:45:33 +0200 From: Agostino Sarubbo <ago@...too.org> To: oss-security@...ts.openwall.com Subject: CVE request : libxml2 Multiple Use-After-Free Vulnerabilities >From the secunia advisory SA53061: 1) An use-after-free error in "htmlParseChunk()" can be exploited to dereference already freed memory. 2) Two use-after-free errors in "xmldecl_done()" can be exploited to dereference already freed memory. The vulnerabilities are reported in version 2.9.0. Other versions may also be affected. Commit: https://git.gnome.org/browse/libxml2/commit/?id=de0cc20c29cb3f056062925395e0f68d2250a46f : https://secunia.com/advisories/53061/ -- Agostino Sarubbo Gentoo Linux Developer
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ