JVN/CVE Demo: Cveinfos

CVE

Id: 88655
CVE No.: CVE-2016-1836
Status: Candidate
Description: Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via a crafted XML document.
Phase: Assigned (20160113)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
770353	88655	CVE-2016-1836	CONFIRM:https://support.apple.com/HT206564	View
770354	88655	CVE-2016-1836	CONFIRM:https://support.apple.com/HT206566	View
770355	88655	CVE-2016-1836	CONFIRM:https://support.apple.com/HT206567	View
770356	88655	CVE-2016-1836	CONFIRM:https://support.apple.com/HT206568	View
770357	88655	CVE-2016-1836	CONFIRM:https://support.apple.com/HT206899	View
770358	88655	CVE-2016-1836	CONFIRM:https://support.apple.com/HT206901	View
770359	88655	CVE-2016-1836	CONFIRM:https://support.apple.com/HT206902	View
770360	88655	CVE-2016-1836	CONFIRM:https://support.apple.com/HT206903	View
770361	88655	CVE-2016-1836	CONFIRM:https://support.apple.com/HT206904	View
770362	88655	CVE-2016-1836	CONFIRM:https://support.apple.com/HT206905	View
770363	88655	CVE-2016-1836	CONFIRM:http://xmlsoft.org/news.html	View
770364	88655	CVE-2016-1836	CONFIRM:https://bugzilla.gnome.org/show_bug.cgi?id=759398	View
770365	88655	CVE-2016-1836	CONFIRM:https://git.gnome.org/browse/libxml2/commit/?id=45752d2c334b50016666d8f0ec3691e2d680f0a0	View
770366	88655	CVE-2016-1836	CONFIRM:http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html	View
770367	88655	CVE-2016-1836	CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html	View
770368	88655	CVE-2016-1836	CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	View
770369	88655	CVE-2016-1836	CONFIRM:https://kc.mcafee.com/corporate/index?page=content&id=SB10170	View
770370	88655	CVE-2016-1836	CONFIRM:https://www.tenable.com/security/tns-2016-18	View
770371	88655	CVE-2016-1836	APPLE:APPLE-SA-2016-05-16-1	View
770372	88655	CVE-2016-1836	URL:http://lists.apple.com/archives/security-announce/2016/May/msg00001.html	View
770373	88655	CVE-2016-1836	APPLE:APPLE-SA-2016-05-16-2	View
770374	88655	CVE-2016-1836	URL:http://lists.apple.com/archives/security-announce/2016/May/msg00002.html	View
770375	88655	CVE-2016-1836	APPLE:APPLE-SA-2016-05-16-3	View
770376	88655	CVE-2016-1836	URL:http://lists.apple.com/archives/security-announce/2016/May/msg00003.html	View
770377	88655	CVE-2016-1836	APPLE:APPLE-SA-2016-05-16-4	View
770378	88655	CVE-2016-1836	URL:http://lists.apple.com/archives/security-announce/2016/May/msg00004.html	View
770379	88655	CVE-2016-1836	APPLE:APPLE-SA-2016-07-18-1	View
770380	88655	CVE-2016-1836	URL:http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html	View
770381	88655	CVE-2016-1836	APPLE:APPLE-SA-2016-07-18-2	View
770382	88655	CVE-2016-1836	URL:http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html	View
770383	88655	CVE-2016-1836	APPLE:APPLE-SA-2016-07-18-3	View
770384	88655	CVE-2016-1836	URL:http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html	View
770385	88655	CVE-2016-1836	APPLE:APPLE-SA-2016-07-18-4	View
770386	88655	CVE-2016-1836	URL:http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html	View
770387	88655	CVE-2016-1836	APPLE:APPLE-SA-2016-07-18-6	View
770388	88655	CVE-2016-1836	URL:http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html	View
770389	88655	CVE-2016-1836	DEBIAN:DSA-3593	View
770390	88655	CVE-2016-1836	URL:https://www.debian.org/security/2016/dsa-3593	View
770391	88655	CVE-2016-1836	REDHAT:RHSA-2016:1292	View
770392	88655	CVE-2016-1836	URL:https://access.redhat.com/errata/RHSA-2016:1292	View
770393	88655	CVE-2016-1836	UBUNTU:USN-2994-1	View
770394	88655	CVE-2016-1836	URL:http://www.ubuntu.com/usn/USN-2994-1	View
770395	88655	CVE-2016-1836	SECTRACK:1035890	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
2295	JVNDB-2016-003068	Red Hat OpenShift Enterprise における他の名前空間からログファイルを読まれる脆弱性	Red Hat OpenShift Enterprise には、他の名前空間からログファイルを読まれる脆弱性が存在します。	CVE-2016-2149	88655	4	6.5	http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-003068.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.33 MB
View render complete	2.80 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	10.55
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	429.57
Event: Controller.beforeRender	5.28
» Processing toolbar data	5.19
Rendering View	13.86
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	12.87
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.54
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.09
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/88655
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/88655
Remote Port	11413
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.217.10
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.2.80.175
Http Via	1.1 squid-proxy-5b5d847c96-wnrnx (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.217.10
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.217.10
Unique Id	aILYPFBr0mTsmudwR4HJhAAAAVs
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.217.10
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.217.10
Redirect Unique Id	aILYPFBr0mTsmudwR4HJhAAAAVs
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.217.10
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.217.10
Redirect Redirect Unique Id	aILYPFBr0mTsmudwR4HJhAAAAVs
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1753405500.4757
Request Time	1753405500

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files