CVE-2004-2159 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Command Line XML Toolkit

5 documents5 sources

Severity

10.0CRITICALNVD

EPSS

0.4%

top 37.25%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Xmlstarlet Command Line XML Toolkit

Timeline

PublishedDec 31

Latest updateApr 29

Description

Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0.9.3 have unknown impact and attack vectors via (1) xml_elem.c and (2) xml_select.c.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDxmlstarlet/command_line_xml_toolkit0.9.3

Patches

Patch: securitytracker.com ↗Patch: sourceforge.net ↗Patch: www.osvdb.org ↗

🔴Vulnerability Details

GHSA

GHSA-hvrw-m6gg-3mwq: Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0↗2022-04-29

▶

CVEList

CVE-2004-2159: Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0↗2005-07-10

▶

OSV

CVE-2004-2159: Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0↗2004-12-31

▶

📋Vendor Advisories

Debian

CVE-2004-2159: xmlstarlet - Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0.9.3 have unkn...↗2004

▶