Launchpad CVE tracker

CVE 2016-1835

Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://support.apple....
CONFIRM: https://support.apple....
APPLE: APPLE-SA-2016-05-16-2
APPLE: APPLE-SA-2016-05-16-4
DEBIAN: DSA-3593
UBUNTU: USN-2994-1
REDHAT: RHSA-2016:1292
CONFIRM: http://xmlsoft.org/new...
CONFIRM: https://bugzilla.gnome...
CONFIRM: https://git.gnome.org/...
CONFIRM: http://www.oracle.com/...
CONFIRM: http://www.oracle.com/...
CONFIRM: http://www.oracle.com/...
BID: 90696
SECTRACK: 1035890
CONFIRM: https://www.tenable.co...
CONFIRM: https://kc.mcafee.com/...
REDHAT: RHSA-2016:2957

Launchpad.net

CVE 2016-1835

Related bugs

References