cbcvebase.
CVE-2016-4448
published 2016-06-09

CVE-2016-4448: Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.

critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.

Affected

51 ranges· showing 25
VendorProductVersion rangeFixed in
appleicloud< 5.2.15.2.1
appleicloud_for_windows
appleios
appleiphone_os<= 9.3.2
appleitunes<= 12.4.1
appleitunes_12.4.2_for_windows
applemac_os_x< 10.11.610.11.6
appleos_x_el_capitan_v10.11.6_and_security_update_2016-004
appletvos<= 9.2.1
appletvos
applewatchos<= 2.2.1
applewatchos
debianlibxml2< libxml2 2.9.4+dfsg1-1 (bookworm)libxml2 2.9.4+dfsg1-1 (bookworm)
hpicewall_federation_agent
mcafeeweb_gateway<= 7.5.2.10
mcafeeweb_gateway7.6.0.0 – 7.6.2.3
oraclelinux
oraclelinux
oraclevm_server
oraclevm_server
redhatenterprise_linux_desktop
redhatenterprise_linux_desktop
redhatenterprise_linux_server
redhatenterprise_linux_server
redhatenterprise_linux_server_aus

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL