- Home
- CVEs with nessus.description==Several stack exhaustion conditions were found in mxml that can easily crash when parsing xml files.
CVE-2016-4570
The mxmlDelete function in mxml-node.c allows remote attackers to cause a denial of service (stack consumption) via crafted xml file.
CVE-2016-4571
The mxml_write_node function in mxml-file.c allows remote attackers to cause a denial of service (stack consumption) via crafted xml file
CVE-2018-20004
A stack-based buffer overflow in mxml_write_node via vectors involving a double-precision floating point number.
For Debian 8 'Jessie', these problems have been fixed in version 2.6-2 deb8u1.
We recommend that you upgrade your mxml packages.
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top