CVE-2016-4449
published 2016-06-09CVE-2016-4449: XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows…
high7.1CVSS 3.0
AVLACLPRNUIRSUCHINAH
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | icloud_for_windows | — | — |
| apple | ios | — | — |
| apple | itunes_12.4.2_for_windows | — | — |
| apple | os_x_el_capitan_v10.11.6_and_security_update_2016-004 | — | — |
| apple | tvos | — | — |
| apple | watchos | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | libxml2 | < libxml2 2.9.3+dfsg1-1.1 (bookworm) | libxml2 2.9.3+dfsg1-1.1 (bookworm) |
| xmlsoft | libxml2 | <= 2.9.3 | — |
| xmlsoft | libxml2 | >= 0 < 2.9.3+dfsg1-1.1 | 2.9.3+dfsg1-1.1 |
| xmlsoft | libxml2 | >= 0 < 2.9.3+dfsg1-1.1 | 2.9.3+dfsg1-1.1 |
| xmlsoft | libxml2 | >= 0 < 2.9.3+dfsg1-1.1 | 2.9.3+dfsg1-1.1 |
| xmlsoft | libxml2 | >= 0 < 2.9.3+dfsg1-1.1 | 2.9.3+dfsg1-1.1 |
| xmlsoft | libxml2 | >= 0 < 2.9.1+dfsg1-3ubuntu4.8 | 2.9.1+dfsg1-3ubuntu4.8 |
| xmlsoft | libxml2 | >= 0 < 2.9.3+dfsg1-1ubuntu0.1 | 2.9.3+dfsg1-1ubuntu0.1 |
CVSS provenance
nvdv3.07.1HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
osv7.5HIGH
Apple
CVE-2016-4449: iTunes 12.4.2 for Windows
vendor_apple·2016-07-18·CVSS 7.1
CVE-2016-4449 [HIGH] CVE-2016-4449: iTunes 12.4.2 for Windows
Apple Security Update: About the security content of iTunes 12.4.2 for Windows
Product: iTunes 12.4.2 for Windows
CVE: CVE-2016-4449
Component: About Apple security updates
Impact: Multiple vulnerabilities in libxml2
Description: Multiple memory corruption issues were addressed through improved memory handling.
Apple
CVE-2016-4449: OS X El Capitan v10.11.6 and Security Update 2016-004
vendor_apple·2016-07-18·CVSS 7.1
CVE-2016-4449 [HIGH] CVE-2016-4449: OS X El Capitan v10.11.6 and Security Update 2016-004
Apple Security Update: About the security content of OS X El Capitan v10.11.6 and Security Update 2016-004
Product: OS X El Capitan v10.11.6 and Security Update 2016-004
CVE: CVE-2016-4449
Component: LibreSSL
Impact: A remote attacker may be able to execute arbitrary code
Description: Multiple issues existed in LibreSSL before 2.2.7. These were addressed by updating LibreSSL to version 2.2.7.
Apple
CVE-2016-4449: watchOS 2.2.2
vendor_apple·2016-07-18·CVSS 7.1
CVE-2016-4449 [HIGH] CVE-2016-4449: watchOS 2.2.2
Apple Security Update: About the security content of watchOS 2.2.2
Product: watchOS
Version: 2.2.2
CVE: CVE-2016-4449
Component: Libc
Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Description: A buffer overflow existed within the "link_ntoa()" function in linkaddr.c. This issue was addressed through additional bounds checking.
Apple
CVE-2016-4449: iOS 9.3.3
vendor_apple·2016-07-18·CVSS 7.1
CVE-2016-4449 [HIGH] CVE-2016-4449: iOS 9.3.3
Apple Security Update: About the security content of iOS 9.3.3
Product: iOS
Version: 9.3.3
CVE: CVE-2016-4449
Component: Libc
Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Description: A buffer overflow existed within the "link_ntoa()" function in linkaddr.c. This issue was addressed through additional bounds checking.
Apple
CVE-2016-4449: iCloud for Windows 5.2.1
vendor_apple·2016-07-18·CVSS 7.1
CVE-2016-4449 [HIGH] CVE-2016-4449: iCloud for Windows 5.2.1
Apple Security Update: About the security content of iCloud for Windows 5.2.1
Product: iCloud for Windows
Version: 5.2.1
CVE: CVE-2016-4449
Component: About Apple security updates
Impact: Multiple vulnerabilities in libxml2
Description: Multiple memory corruption issues were addressed through improved memory handling.
Apple
CVE-2016-4449: tvOS 9.2.2
vendor_apple·2016-07-18·CVSS 7.1
CVE-2016-4449 [HIGH] CVE-2016-4449: tvOS 9.2.2
Apple Security Update: About the security content of tvOS 9.2.2
Product: tvOS
Version: 9.2.2
CVE: CVE-2016-4449
Component: Kernel
Impact: A local user may be able to cause a system denial of service
Description: A null pointer dereference was addressed through improved input validation.
Ubuntu
libxml2 vulnerabilities
vendor_ubuntu·2016-06-06·CVSS 7.5
CVE-2015-8806 [HIGH] libxml2 vulnerabilities
Title: libxml2 vulnerabilities
Summary: Several security issues were fixed in libxml2.
It was discovered that libxml2 incorrectly handled certain malformed
documents. If a user or automated system were tricked into opening a
specially crafted document, an attacker could possibly cause libxml2 to
crash, resulting in a denial of service. (CVE-2015-8806, CVE-2016-2073,
CVE-2016-3627, CVE-2016-3705, CVE-2016-4447)
It was discovered that libxml2 incorrectly handled certain malformed
documents. If a user or automated system were tricked into opening a
specially crafted document, an attacker could cause libxml2 to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2016-1762, CVE-2016-1834)
Mateusz Jurczyk discovered that libxml2 incorrectly handled certain
malfo
Red Hat
libxml2: Inappropriate fetch of entities content
vendor_redhat·2016-05-23·CVSS 7.1
CVE-2016-4449 [HIGH] libxml2: Inappropriate fetch of entities content
libxml2: Inappropriate fetch of entities content
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.
Package: libxml2 (Red Hat Enterprise Linux 5) - Will not fix
Package: libxml2 (Red Hat JBoss Enterprise Web Server 3) - Affected
Debian
CVE-2016-4449: libxml2 - XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities functi...
vendor_debian·2016·CVSS 7.1
CVE-2016-4449 [HIGH] CVE-2016-4449: libxml2 - XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities functi...
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.
Scope: local
bookworm: resolved (fixed in 2.9.3+dfsg1-1.1)
bullseye: resolved (fixed in 2.9.3+dfsg1-1.1)
forky: resolved (fixed in 2.9.3+dfsg1-1.1)
sid: resolved (fixed in 2.9.3+dfsg1-1.1)
trixie: resolved (fixed in 2.9.3+dfsg1-1.1)
GHSA
GHSA-r3pg-4m7c-9pvw: XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser
ghsa_unreviewed·2022-05-14
CVE-2016-4449 [HIGH] CWE-20 GHSA-r3pg-4m7c-9pvw: XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.
OSV
CVE-2016-4449: XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser
osv·2016-06-09·CVSS 7.1
CVE-2016-4449 [HIGH] CVE-2016-4449: XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.
OSV
libxml2 vulnerabilities
osv·2016-06-06·CVSS 7.5
CVE-2015-8806 [HIGH] libxml2 vulnerabilities
libxml2 vulnerabilities
It was discovered that libxml2 incorrectly handled certain malformed
documents. If a user or automated system were tricked into opening a
specially crafted document, an attacker could possibly cause libxml2 to
crash, resulting in a denial of service. (CVE-2015-8806, CVE-2016-2073,
CVE-2016-3627, CVE-2016-3705, CVE-2016-4447)
It was discovered that libxml2 incorrectly handled certain malformed
documents. If a user or automated system were tricked into opening a
specially crafted document, an attacker could cause libxml2 to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2016-1762, CVE-2016-1834)
Mateusz Jurczyk discovered that libxml2 incorrectly handled certain
malformed documents. If a user or automated system were tricked into
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 libxml2: various flaws [fedora-a
bugzilla·2016-06-24·CVSS 8.1
CVE-2016-1762 [HIGH] CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 libxml2: various flaws [fedora-a
CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 libxml2: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE
Bugzilla
CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 mingw-libxml2: various flaws [fe
bugzilla·2016-06-24·CVSS 8.1
CVE-2016-1762 [HIGH] CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 mingw-libxml2: various flaws [fe
CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 mingw-libxml2: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention t
Bugzilla
CVE-2016-4449 libxml2: Inappropriate fetch of entities content
bugzilla·2016-05-23·CVSS 7.1
CVE-2016-4449 [HIGH] CVE-2016-4449 libxml2: Inappropriate fetch of entities content
CVE-2016-4449 libxml2: Inappropriate fetch of entities content
A vulnerability was found in the libxml2 library. The parser would fetch content of an external entity while not in validating mode.
References:
https://bugzilla.gnome.org/show_bug.cgi?id=761430
Upstream fix:
https://git.gnome.org/browse/libxml2/commit/?id=b1d34de46a11323fccffa9fadeb33be670d602f5
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Via RHSA-2016:1292 https://access.redhat.com/errata/RHSA-2016:1292
---
Created libxml2 tracking bugs for this issue:
Affects: fedora-all [bug 1349794]
---
Created mingw-libxml2 tracking bugs for this issue:
Affects: fedora-all [bug 1349795]
---
This issue has been addressed in the following product
Tenable
[R2] Nessus 6.10 Fixes Multiple Third-party Library Vulnerabilities
blogs_tenable·2017-02-01
[R2] Nessus 6.10 Fixes Multiple Third-party Library Vulnerabilities
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Tenable
[R3] LCE 5.0.0 Fixes Multiple Third-party Library Vulnerabilities
blogs_tenable·2017-01-31
[R3] LCE 5.0.0 Fixes Multiple Third-party Library Vulnerabilities
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
http://jvn.jp/en/jp/JVN17535578/index.htmlhttp://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000066.htmlhttp://lists.apple.com/archives/security-announce/2016/Jul/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2016/Jul/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2016/Jul/msg00002.htmlhttp://lists.apple.com/archives/security-announce/2016/Jul/msg00003.htmlhttp://lists.apple.com/archives/security-announce/2016/Jul/msg00005.htmlhttp://rhn.redhat.com/errata/RHSA-2016-2957.htmlhttp://www.openwall.com/lists/oss-security/2016/05/25/2http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.htmlhttp://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.htmlhttp://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.htmlhttp://www.securityfocus.com/bid/90865http://www.securitytracker.com/id/1036348http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722http://www.ubuntu.com/usn/USN-2994-1http://xmlsoft.org/news.htmlhttps://access.redhat.com/errata/RHSA-2016:1292https://git.gnome.org/browse/libxml2/commit/?id=b1d34de46a11323fccffa9fadeb33be670d602f5https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709https://kc.mcafee.com/corporate/index?page=content&id=SB10170https://support.apple.com/HT206899https://support.apple.com/HT206901https://support.apple.com/HT206902https://support.apple.com/HT206903https://support.apple.com/HT206904https://support.apple.com/HT206905https://support.cybozu.com/ja-jp/article/9735https://www.debian.org/security/2016/dsa-3593https://www.tenable.com/security/tns-2016-18http://jvn.jp/en/jp/JVN17535578/index.htmlhttp://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000066.htmlhttp://lists.apple.com/archives/security-announce/2016/Jul/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2016/Jul/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2016/Jul/msg00002.htmlhttp://lists.apple.com/archives/security-announce/2016/Jul/msg00003.htmlhttp://lists.apple.com/archives/security-announce/2016/Jul/msg00005.htmlhttp://rhn.redhat.com/errata/RHSA-2016-2957.htmlhttp://www.openwall.com/lists/oss-security/2016/05/25/2http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.htmlhttp://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.htmlhttp://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.htmlhttp://www.securityfocus.com/bid/90865http://www.securitytracker.com/id/1036348http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722http://www.ubuntu.com/usn/USN-2994-1http://xmlsoft.org/news.htmlhttps://access.redhat.com/errata/RHSA-2016:1292https://git.gnome.org/browse/libxml2/commit/?id=b1d34de46a11323fccffa9fadeb33be670d602f5https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709https://kc.mcafee.com/corporate/index?page=content&id=SB10170https://support.apple.com/HT206899https://support.apple.com/HT206901https://support.apple.com/HT206902https://support.apple.com/HT206903https://support.apple.com/HT206904https://support.apple.com/HT206905https://support.cybozu.com/ja-jp/article/9735https://www.debian.org/security/2016/dsa-3593https://www.tenable.com/security/tns-2016-18
2016-06-09
Published