Description
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6Attack Vector: Network
Complexity: Low
Privileges: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Affected Packages2 packages
🔴Vulnerability Details
3GHSAGHSA-rf96-7wvx-58w8: libxml2 20904-GITv2↗2022-05-13 CVEListCVE-2017-9048: libxml2 20904-GITv2↗2017-05-18 OSVCVE-2017-9048: libxml2 20904-GITv2↗2017-05-18 📋Vendor Advisories
4Ubuntulibxml2 vulnerabilities↗2017-10-10 Ubuntulibxml2 vulnerabilities↗2017-09-19 Red Hatlibxml2: Stack-based buffer overflow in function xmlSnprintfElementContent↗2017-05-15 DebianCVE-2017-9048: libxml2 - libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overfl...↗2017 💬Community
3BugzillaCVE-2017-9048 libxml2: Stack-based buffer overflow in function xmlSnprintfElementContent↗2017-05-19 BugzillaCVE-2017-9047 CVE-2017-9048 CVE-2017-9049 CVE-2017-9050 mingw-libxml2: various flaws [fedora-all]↗2017-05-19 BugzillaCVE-2017-9047 CVE-2017-9048 CVE-2017-9049 CVE-2017-9050 libxml2: various flaws [fedora-all]↗2017-05-19