- Home
- CVEs with nessus.description==CVE-2016-4447 The xmlParseElementDecl function in parser.c in libxml2
before 2.9.4 allows context-dependent attackers to cause a denial of
service (heap-based buffer underread and application crash) via a
crafted file, involving xmlParseName.
CVE-2016-4449 XML external entity (XXE) vulnerability in the
xmlStringLenDecodeEntities function in parser.c in libxml2 before
2.9.4, when not in validating mode, allows context-dependent attackers
to read arbitrary files or cause a denial of service (resource
consumption) via unspecified vectors.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top