Launchpad CVE tracker

CVE 2015-7995

The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2015102...
MLIST: [oss-security] 2015102...
CONFIRM: https://bugzilla.redha...
CONFIRM: https://git.gnome.org/...
BID: 77325
CONFIRM: https://support.apple....
CONFIRM: https://support.apple....
CONFIRM: https://support.apple....
APPLE: APPLE-SA-2016-01-19-1
APPLE: APPLE-SA-2016-01-19-2
APPLE: APPLE-SA-2016-01-25-1
CONFIRM: https://support.apple....
APPLE: APPLE-SA-2016-03-21-2
CONFIRM: https://h20566.www2.hp...
CONFIRM: https://h20566.www2.hp...
CONFIRM: http://www.oracle.com/...
DEBIAN: DSA-3605
SUSE: openSUSE-SU-2016:1439
SLACKWARE: SSA:2016-148-02
SECTRACK: 1038623
SECTRACK: 1034736
CONFIRM: https://puppet.com/sec...

Launchpad.net

CVE 2015-7995

Related bugs

References