CVE-2017-9048

Published: 5/18/2017 Last updated: 8/5/2024 Reserved: 5/18/2017

libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (5)

bap-llvm conf-gtksourceview conf-gtksourceview3 conf-librsvg2 lablgtk3-gtkspell3

Products affected (1)

Product	Vendor	Version
n/a	n/a	Windows Server 2012 R2

References (12)

http://www.debian.org/security/2017/dsa-3952
https://security.gentoo.org/glsa/201711-01
http://www.openwall.com/lists/oss-security/2017/05/15/1
http://www.securityfocus.com/bid/98556
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
http://www.debian.org/security/2017/dsa-3952
https://security.gentoo.org/glsa/201711-01
http://www.openwall.com/lists/oss-security/2017/05/15/1
http://www.securityfocus.com/bid/98556
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E