CVE-2016-1835Improper Restriction of Operations within the Bounds of a Memory Buffer in Libxml2

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-416Use After Free15 documents10 sources
Severity
8.8HIGHNVD
OSV7.5
EPSS
2.6%
top 14.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Xmlsoft Libxml2Debian Libxml2Apple Iphone OS+5 more
Timeline
PublishedMay 20
Latest updateMay 14

Description

Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages7 packages

debiandebian/libxml2< libxml2 2.9.3+dfsg1-1.1 (bookworm)
Debianxmlsoft/libxml2< 2.9.3+dfsg1-1.1+3
Ubuntuxmlsoft/libxml2< 2.9.1+dfsg1-3ubuntu4.8+1
NVDapple/mac_os_x10.11.4
NVDapple/iphone_os9.3.1

Also affects: Debian Linux 8.0, Ubuntu Linux 12.04, 14.04, 15.10, 16.04

🔴Vulnerability Details

3
GHSA
GHSA-7hp3-f9p7-w8f9: Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 22022-05-14
OSV
libxml2 vulnerabilities2016-06-06
OSV
CVE-2016-1835: Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 22016-05-20

📋Vendor Advisories

5
Ubuntu
libxml2 vulnerabilities2016-06-06
Red Hat
libxml2: Heap use-after-free in xmlSAX2AttributeNs2016-05-23
Debian
CVE-2016-1835: libxml2 - Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 befor...2016
Apple
CVE-2016-1835: OS X El Capitan v10.11.5 and Security Update 2016-003
Apple
CVE-2016-1835: iOS 9.3.2

🕵️Threat Intelligence

2
Tenable
[R2] Nessus 6.10 Fixes Multiple Third-party Library Vulnerabilities2017-02-01
Tenable
[R3] LCE 5.0.0 Fixes Multiple Third-party Library Vulnerabilities2017-01-31

💬Community

4
HackerOne
Multiple issues in Libxml2 (2.9.2 - 2.9.5)2019-10-14
Bugzilla
CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 libxml2: various flaws [fedora-a2016-06-24
Bugzilla
CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 mingw-libxml2: various flaws [fe2016-06-24
Bugzilla
CVE-2016-1835 libxml2: Heap use-after-free in xmlSAX2AttributeNs2016-05-23