CVE-2017-16932
published 2017-11-23CVE-2017-16932: parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
PriorityP340high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
5.93%
92.3th percentile
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libxml2 | < libxml2 2.9.10+dfsg-2 (bookworm) | libxml2 2.9.10+dfsg-2 (bookworm) |
| nokogiri | nokogiri | >= 0 < 1.8.1 | 1.8.1 |
| xmlsoft | libxml2 | <= 2.9.4 | — |
| xmlsoft | libxml2 | >= 0 < 2.9.10+dfsg-2 | 2.9.10+dfsg-2 |
| xmlsoft | libxml2 | >= 0 < 2.9.10+dfsg-2 | 2.9.10+dfsg-2 |
| xmlsoft | libxml2 | >= 0 < 2.9.10+dfsg-2 | 2.9.10+dfsg-2 |
| xmlsoft | libxml2 | >= 0 < 2.9.10+dfsg-2 | 2.9.10+dfsg-2 |
| xmlsoft | libxml2 | >= 0 < 2.9.1+dfsg1-3ubuntu4.13 | 2.9.1+dfsg1-3ubuntu4.13 |
| xmlsoft | libxml2 | >= 0 < 2.9.3+dfsg1-1ubuntu0.6 | 2.9.3+dfsg1-1ubuntu0.6 |
| xmlsoft | libxml2 | >= 0 < 2.9.4+dfsg1-6.1ubuntu1.2 | 2.9.4+dfsg1-6.1ubuntu1.2 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv7.5HIGH
vendor_debian7.5HIGH
vendor_redhat7.5HIGH
vendor_ubuntu5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
cisa_ics·2023-12-14
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
ICS Advisory
##
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
Release DateDecember 14, 2023
Alert CodeICSA-23-348-10
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
- Vulnerabilities: Improper Restriction of XML External Entity Reference, Time-of-check Time-of-use (TOCTOU) Race Condition, Command Injection, Miss
Ubuntu
libxml2 vulnerabilities
vendor_ubuntu·2018-08-14·CVSS 5.5
CVE-2016-9318 [MEDIUM] libxml2 vulnerabilities
Title: libxml2 vulnerabilities
Summary: Several security issues were fixed in libxml2.
Matias Brutti discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to expose sensitive information.
(CVE-2016-9318)
It was discovered that libxml2 incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 18.04 LTS. (CVE-2017-16932)
It was discovered that libxml2 incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2017-18258, CVE-2018-14404, CVE-2018-14567)
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
libxml2 vulnerability
vendor_ubuntu·2017-12-05
CVE-2017-16932 libxml2 vulnerability
Title: libxml2 vulnerability
Summary: libxml2 could be made to crash if it opened a specially crafted
file.
Wei Lei discovered that libxml2 incorrecty handled certain parameter
entities. An attacker could use this issue with specially constructed XML
data to cause libxml2 to consume resources, leading to a denial of service.
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
libxml2 vulnerability
vendor_ubuntu·2017-12-05
CVE-2017-16932 libxml2 vulnerability
Title: libxml2 vulnerability
Summary: curl could be made to crash if it received specially crafted
input.
USN-3504-1 fixed a vulnerability in libxml2. This update provides
the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
Wei Lei discovered that libxml2 incorrecty handled certain parameter
entities. An attacker could use this issue with specially constructed XML
data to cause libxml2 to consume resources, leading to a denial of service.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
libxml2: Infinite recursion in parameter entities
vendor_redhat·2017-07-25·CVSS 7.5
CVE-2017-16932 [HIGH] CWE-776 libxml2: Infinite recursion in parameter entities
libxml2: Infinite recursion in parameter entities
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
Statement: This issue affects the versions of rubygem-nokogiri as shipped with Red Hat Subscription Asset Manager 1.x. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
This issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this issue as having Moderate security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer
Debian
CVE-2017-16932: libxml2 - parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in paramete...
vendor_debian·2017·CVSS 7.5
CVE-2017-16932 [HIGH] CVE-2017-16932: libxml2 - parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in paramete...
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
Scope: local
bookworm: resolved (fixed in 2.9.10+dfsg-2)
bullseye: resolved (fixed in 2.9.10+dfsg-2)
forky: resolved (fixed in 2.9.10+dfsg-2)
sid: resolved (fixed in 2.9.10+dfsg-2)
trixie: resolved (fixed in 2.9.10+dfsg-2)
GHSA
Nokogiri gem, via libxml, is affected by DoS vulnerabilities
ghsa·2022-05-13
CVE-2017-16932 [HIGH] CWE-835 Nokogiri gem, via libxml, is affected by DoS vulnerabilities
Nokogiri gem, via libxml, is affected by DoS vulnerabilities
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
OSV
Nokogiri gem, via libxml, is affected by DoS vulnerabilities
osv·2022-05-13
CVE-2017-16932 [HIGH] Nokogiri gem, via libxml, is affected by DoS vulnerabilities
Nokogiri gem, via libxml, is affected by DoS vulnerabilities
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
OSV
libxml2 vulnerabilities
osv·2018-08-14·CVSS 5.5
CVE-2016-9318 [MEDIUM] libxml2 vulnerabilities
libxml2 vulnerabilities
Matias Brutti discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to expose sensitive information.
(CVE-2016-9318)
It was discovered that libxml2 incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 18.04 LTS. (CVE-2017-16932)
It was discovered that libxml2 incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2017-18258, CVE-2018-14404, CVE-2018-14567)
OSV
CVE-2017-16932: parser
osv·2017-11-23·CVSS 7.5
CVE-2017-16932 [HIGH] CVE-2017-16932: parser
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
No detection rules found.
No public exploits indexed.
HackerOne
Multiple issues in Libxml2 (2.9.2 - 2.9.5)
hackerone·2019-10-14·CVSS 4.3
[MEDIUM] Multiple issues in Libxml2 (2.9.2 - 2.9.5)
Multiple issues in Libxml2 (2.9.2 - 2.9.5)
Libxml2 is the XML C parser and toolkit developed for the Gnome project. Due to its flexible C implementation and continuous development, Libxml2 is known to be very portable, the library builds and works on a variety of systems (Linux, Unix, Windows, CygWin, MacOS, MacOS X, RISC Os, OS/2, VMS, QNX, MVS, VxWorks, ...). It is or has been adopted by many major vendors or products including Google (Chrome), VMWare, Apple (Safari, Mac OSX, iOS, ...), and many embedded systems. As in the [Google Patch Rewards](https://www.google.com.sg/about/appsecurity/patch-rewards) , Libxml2 is listed in the category of core infrastructure data parsers.
From 2015-2016, our fuzzing work on Libxml2 has systematically identified a sequence of bugs including use-after
Bugzilla
CVE-2017-16932 mingw-libxml2: libxml2: Infinite recursion in parameter entities [fedora-all]
bugzilla·2017-11-24·CVSS 7.5
CVE-2017-16932 [HIGH] CVE-2017-16932 mingw-libxml2: libxml2: Infinite recursion in parameter entities [fedora-all]
CVE-2017-16932 mingw-libxml2: libxml2: Infinite recursion in parameter entities [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple sup
Bugzilla
CVE-2017-16932 libxml2: Infinite recursion in parameter entities [fedora-all]
bugzilla·2017-11-24·CVSS 7.5
CVE-2017-16932 [HIGH] CVE-2017-16932 libxml2: Infinite recursion in parameter entities [fedora-all]
CVE-2017-16932 libxml2: Infinite recursion in parameter entities [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions
Bugzilla
CVE-2017-16932 rubygem-nokogiri: libxml2: Infinite recursion in parameter entities [fedora-all]
bugzilla·2017-11-24·CVSS 7.5
CVE-2017-16932 [HIGH] CVE-2017-16932 rubygem-nokogiri: libxml2: Infinite recursion in parameter entities [fedora-all]
CVE-2017-16932 rubygem-nokogiri: libxml2: Infinite recursion in parameter entities [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple
Bugzilla
CVE-2017-16932 libxml2: Infinite recursion in parameter entities
bugzilla·2017-11-24·CVSS 7.5
CVE-2017-16932 [HIGH] CVE-2017-16932 libxml2: Infinite recursion in parameter entities
CVE-2017-16932 libxml2: Infinite recursion in parameter entities
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
Upstream patch:
https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961
Discussion:
Created libxml2 tracking bugs for this issue:
Affects: fedora-all [bug 1517320]
Created mingw-libxml2 tracking bugs for this issue:
Affects: epel-7 [bug 1517318]
Affects: fedora-all [bug 1517321]
Created ruby193-rubygem-nokogiri tracking bugs for this issue:
Affects: openshift-1 [bug 1517322]
Created rubygem-nokogiri tracking bugs for this issue:
Affects: epel-all [bug 1517317]
Affects: fedora-all [bug 1517319]
---
Statement:
This issue affects the versions of rubygem-nokogiri as shipped with Red Hat Subscripti
Bugzilla
CVE-2017-16932 rubygem-nokogiri: libxml2: Infinite recursion in parameter entities [epel-all]
bugzilla·2017-11-24·CVSS 7.5
CVE-2017-16932 [HIGH] CVE-2017-16932 rubygem-nokogiri: libxml2: Infinite recursion in parameter entities [epel-all]
CVE-2017-16932 rubygem-nokogiri: libxml2: Infinite recursion in parameter entities [epel-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supp
Bugzilla
CVE-2017-16932 mingw-libxml2: libxml2: Infinite recursion in parameter entities [epel-7]
bugzilla·2017-11-24·CVSS 7.5
CVE-2017-16932 [HIGH] CVE-2017-16932 mingw-libxml2: libxml2: Infinite recursion in parameter entities [epel-7]
CVE-2017-16932 mingw-libxml2: libxml2: Infinite recursion in parameter entities [epel-7]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-7.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
Discussion:
Use the following template to fo
http://xmlsoft.org/news.htmlhttps://blog.clamav.net/2018/07/clamav-01001-has-been-released.htmlhttps://bugzilla.gnome.org/show_bug.cgi?id=759579https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961https://gitlab.gnome.org/GNOME/libxml2/-/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3Ehttps://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3Ehttps://lists.debian.org/debian-lts-announce/2017/11/msg00041.htmlhttps://lists.debian.org/debian-lts-announce/2022/04/msg00004.htmlhttps://usn.ubuntu.com/3739-1/http://xmlsoft.org/news.htmlhttps://blog.clamav.net/2018/07/clamav-01001-has-been-released.htmlhttps://bugzilla.gnome.org/show_bug.cgi?id=759579https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3Ehttps://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3Ehttps://lists.debian.org/debian-lts-announce/2017/11/msg00041.htmlhttps://lists.debian.org/debian-lts-announce/2022/04/msg00004.htmlhttps://usn.ubuntu.com/3739-1/
2017-11-23
Published