Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2016-1837

Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote attackers to cause a denial of service via a crafted XML document.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://support.apple....
CONFIRM: https://support.apple....
CONFIRM: https://support.apple....
CONFIRM: https://support.apple....
APPLE: APPLE-SA-2016-05-16-1
APPLE: APPLE-SA-2016-05-16-2
APPLE: APPLE-SA-2016-05-16-3
APPLE: APPLE-SA-2016-05-16-4
DEBIAN: DSA-3593
UBUNTU: USN-2994-1
REDHAT: RHSA-2016:1292
CONFIRM: http://xmlsoft.org/new...
CONFIRM: https://bugzilla.gnome...
CONFIRM: https://git.gnome.org/...
CONFIRM: http://www.oracle.com/...
CONFIRM: http://www.oracle.com/...
CONFIRM: http://www.oracle.com/...
SECTRACK: 1035890
CONFIRM: https://www.tenable.co...
CONFIRM: https://kc.mcafee.com/...
BID: 90691
REDHAT: RHSA-2016:2957

Launchpad.net

CVE 2016-1837

Related bugs

References