CVE-2017-10672 (retired)

Priority
Description
Use-after-free in the XML-LibXML module through 2.0129 for Perl allows
remote attackers to execute arbitrary code by controlling the arguments to
a replaceChild call.
Notes
 ratliff> poc didn't crash on trusty, did on zesty
 mdeslaur> debian released 2.0128+dfsg-2, reverted in 2.0128+dfsg-3 and
 mdeslaur> fixed in 2.0128+dfsg-4
Assigned-to
mdeslaur
Package
Upstream:released (2.0128+dfsg-4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (2.0123+dfsg-1ubuntu0.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (2.0128+dfsg-5)
More Information

Updated: 2019-08-23 09:12:51 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)