CVE-2017-9049
Summary
| CVE | CVE-2017-9049 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-05-18 06:29:00 UTC |
| Updated | 2023-11-07 02:50:00 UTC |
| Description | libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398. |
Risk And Classification
Problem Types: CWE-125
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| libxml2 CVE-2017-9049 Heap Buffer Overflow Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| [bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8 | | lists.apache.org | |
| libxml2: Multiple vulnerabilities (GLSA 201711-01) — Gentoo security | GENTOO | security.gentoo.org | |
| Pony Mail! | MLIST | lists.apache.org | |
| oss-security - Invalid writes and reads in libxml2 | MISC | www.openwall.com | Exploit, Mailing List, Patch, Third Party Advisory |
| Debian -- Security Information -- DSA-3952-1 libxml2 | DEBIAN | www.debian.org | |
| Pony Mail! | MLIST | lists.apache.org | |
| [bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8 | | lists.apache.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.