vendor:
libxml2
by:
infamous42md
7.5
CVSS
HIGH
Buffer-Overflow
119
CWE
Product Name: libxml2
Affected Version From: 2.6.12
Affected Version To: 2.6.14
Patch Exists: NO
Related CWE: Unknown
CPE: a:libxml2_project:libxml2
Platforms Tested:
Unknown
Remote stack-based buffer-overflow vulnerabilities in libxml2
The 'libxml2' library is reported prone to multiple remote stack-based buffer-overflow vulnerabilities caused by insufficient boundary checks. Remote attackers may exploit these issues to execute arbitrary code on a vulnerable computer. The URI parsing functionality and the DNS name resolving code are affected.
Mitigation:
Apply the necessary patches or updates provided by the vendor.