CVE-2009-3627

Priority
Description
The decode_entities function in util.c in HTML-Parser before 3.63 allows
context-dependent attackers to cause a denial of service (infinite loop)
via an incomplete SGML numeric character reference, which triggers
generation of an invalid UTF-8 character.
More Information

Updated: 2019-03-19 11:51:05 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)