![]() The vulnerability exists due to a use-after-free error when processing ID and IDREF attributes in valid.c. The vulnerability allows a remote attacker to compromise vulnerable system. Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. A remote attacker can pass specially crafted multi-gigabyte XML file to the application, trigger integer overflow and execute arbitrary code on the target system. ![]() The vulnerability exists due to integer overflow in several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*). The vulnerability allows a remote attacker to execute arbitrary code on the target system. Is there known malware, which exploits this vulnerability? How the attacker can exploit this vulnerability?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |