« List of all CVEs

CVE-2016-1840

Published: 5/20/2016 Last updated: 8/5/2024 Reserved: 1/13/2016

Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.

CNA assigner: apple (286789f9-fbc2-4510-9f9a-43facdede74c) Requested by: n/a

Opam packages affected (5)

bap-llvm conf-gtksourceview conf-gtksourceview3 conf-librsvg2 lablgtk3-gtkspell3

Products affected (1)

Product	Vendor	Version
n/a	n/a	< 10.0.19041.1052

References (46)