CVE-2015-8710
published 2016-04-11CVE-2015-8710: The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory…
PriorityP339critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
4.88%
91.0th percentile
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | libxml2 | < libxml2 2.9.2+really2.9.1+dfsg1-0.1 (bookworm) | libxml2 2.9.2+really2.9.1+dfsg1-0.1 (bookworm) |
| xmlsoft | libxml2 | < 2.9.3 | 2.9.3 |
| xmlsoft | libxml2 | >= 0 < 2.9.2+really2.9.1+dfsg1-0.1 | 2.9.2+really2.9.1+dfsg1-0.1 |
| xmlsoft | libxml2 | >= 0 < 2.9.2+really2.9.1+dfsg1-0.1 | 2.9.2+really2.9.1+dfsg1-0.1 |
| xmlsoft | libxml2 | >= 0 < 2.9.2+really2.9.1+dfsg1-0.1 | 2.9.2+really2.9.1+dfsg1-0.1 |
| xmlsoft | libxml2 | >= 0 < 2.9.2+really2.9.1+dfsg1-0.1 | 2.9.2+really2.9.1+dfsg1-0.1 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv9.8CRITICAL
vendor_debian9.8CRITICAL
vendor_redhat9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
libxml2 vulnerabilities
vendor_ubuntu·2016-01-19
CVE-2015-7499 libxml2 vulnerabilities
Title: libxml2 vulnerabilities
Summary: libxml2 could be made to crash if it opened a specially crafted file.
It was discovered that libxml2 incorrectly handled certain malformed
documents. If a user or automated system were tricked into opening a
specially crafted document, an attacker could possibly cause libxml2 to
crash, resulting in a denial of service.
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
Red Hat
libxml2: out-of-bounds memory access when parsing an unclosed HTML comment
vendor_redhat·2015-04-19·CVSS 9.8
CVE-2015-8710 [CRITICAL] CWE-119 libxml2: out-of-bounds memory access when parsing an unclosed HTML comment
libxml2: out-of-bounds memory access when parsing an unclosed HTML comment
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.
It was discovered that libxml2 could access out-of-bounds memory when parsing unclosed HTML comments. A remote attacker could provide a specially crafted XML file that, when processed by an application linked against libxml2, could cause the application to disclose heap memory contents.
Package: libxml2 (Red Hat Enterprise Linux 5) - Will not fix
Package: libxml2 (Red Hat JBoss Enterprise Web Server 2) - Will not fix
Debian
CVE-2015-8710: libxml2 - The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obt...
vendor_debian·2015·CVSS 9.8
CVE-2015-8710 [CRITICAL] CVE-2015-8710: libxml2 - The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obt...
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.
Scope: local
bookworm: resolved (fixed in 2.9.2+really2.9.1+dfsg1-0.1)
bullseye: resolved (fixed in 2.9.2+really2.9.1+dfsg1-0.1)
forky: resolved (fixed in 2.9.2+really2.9.1+dfsg1-0.1)
sid: resolved (fixed in 2.9.2+really2.9.1+dfsg1-0.1)
trixie: resolved (fixed in 2.9.2+really2.9.1+dfsg1-0.1)
GHSA
GHSA-v7gh-6vm2-wvxm: The htmlParseComment function in HTMLparser
ghsa_unreviewed·2022-05-13
CVE-2015-8710 [CRITICAL] CWE-119 GHSA-v7gh-6vm2-wvxm: The htmlParseComment function in HTMLparser
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.
OSV
CVE-2015-8710: The htmlParseComment function in HTMLparser
osv·2016-04-11·CVSS 9.8
CVE-2015-8710 [CRITICAL] CVE-2015-8710: The htmlParseComment function in HTMLparser
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.
No detection rules found.
No public exploits indexed.
http://rhn.redhat.com/errata/RHSA-2016-1089.htmlhttp://www.debian.org/security/2015/dsa-3430http://www.openwall.com/lists/oss-security/2015/04/19/4http://www.openwall.com/lists/oss-security/2015/09/13/1http://www.openwall.com/lists/oss-security/2015/12/31/7http://www.securityfocus.com/bid/79811https://bugzilla.gnome.org/show_bug.cgi?id=746048https://git.gnome.org/browse/libxml2/commit/?id=e724879d964d774df9b7969fc846605aa1bac54chttps://hackerone.com/reports/57125#activity-384861http://rhn.redhat.com/errata/RHSA-2016-1089.htmlhttp://www.debian.org/security/2015/dsa-3430http://www.openwall.com/lists/oss-security/2015/04/19/4http://www.openwall.com/lists/oss-security/2015/09/13/1http://www.openwall.com/lists/oss-security/2015/12/31/7http://www.securityfocus.com/bid/79811https://bugzilla.gnome.org/show_bug.cgi?id=746048https://git.gnome.org/browse/libxml2/commit/?id=e724879d964d774df9b7969fc846605aa1bac54chttps://hackerone.com/reports/57125#activity-384861
2016-04-11
Published