CVE-2015-7941 (retired)

Priority
Description
libxml2 2.9.2 does not properly stop parsing invalid input, which allows
context-dependent attackers to cause a denial of service (out-of-bounds
read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl
or (2) xmlParseConditionalSections function in parser.c, as demonstrated by
non-terminated entities.
Assigned-to
mdeslaur
More Information

Updated: 2019-08-23 09:07:58 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)