CVE-2009-2416 (retired)

Priority
Description
Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26,
2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to
cause a denial of service (application crash) via crafted (1) Notation or
(2) Enumeration attribute types in an XML file, as demonstrated by the
Codenomicon XML fuzzing framework.
Assigned-to
kees
Package
Upstream:needs-triage
Package
Upstream:released (2.7.3.dfsg-2.1)
More Information

Updated: 2019-08-23 08:36:11 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)