CVE

Id
91268  
CVE No.
CVE-2016-4449  
Status
Candidate  
Description
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.  
Phase
Assigned (20160502)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
784175 91268 CVE-2016-4449 MLIST:[oss-security] 20160525 3 libxml2 issues  View
784176 91268 CVE-2016-4449 URL:http://www.openwall.com/lists/oss-security/2016/05/25/2  View
784177 91268 CVE-2016-4449 CONFIRM:http://xmlsoft.org/news.html  View
784178 91268 CVE-2016-4449 CONFIRM:https://git.gnome.org/browse/libxml2/commit/?id=b1d34de46a11323fccffa9fadeb33be670d602f5  View
784179 91268 CVE-2016-4449 CONFIRM:https://support.apple.com/HT206899  View
784180 91268 CVE-2016-4449 CONFIRM:https://support.apple.com/HT206901  View
784181 91268 CVE-2016-4449 CONFIRM:https://support.apple.com/HT206902  View
784182 91268 CVE-2016-4449 CONFIRM:https://support.apple.com/HT206903  View
784183 91268 CVE-2016-4449 CONFIRM:https://support.apple.com/HT206904  View
784184 91268 CVE-2016-4449 CONFIRM:https://support.apple.com/HT206905  View
784185 91268 CVE-2016-4449 CONFIRM:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709  View
784186 91268 CVE-2016-4449 CONFIRM:http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html  View
784187 91268 CVE-2016-4449 CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html  View
784188 91268 CVE-2016-4449 CONFIRM:https://kc.mcafee.com/corporate/index?page=content&id=SB10170  View
784189 91268 CVE-2016-4449 CONFIRM:https://www.tenable.com/security/tns-2016-18  View
784190 91268 CVE-2016-4449 APPLE:APPLE-SA-2016-07-18-1  View
784191 91268 CVE-2016-4449 URL:http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html  View
784192 91268 CVE-2016-4449 APPLE:APPLE-SA-2016-07-18-2  View
784193 91268 CVE-2016-4449 URL:http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html  View
784194 91268 CVE-2016-4449 APPLE:APPLE-SA-2016-07-18-3  View
784195 91268 CVE-2016-4449 URL:http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html  View
784196 91268 CVE-2016-4449 APPLE:APPLE-SA-2016-07-18-4  View
784197 91268 CVE-2016-4449 URL:http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html  View
784198 91268 CVE-2016-4449 APPLE:APPLE-SA-2016-07-18-6  View
784199 91268 CVE-2016-4449 URL:http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html  View
784200 91268 CVE-2016-4449 DEBIAN:DSA-3593  View
784201 91268 CVE-2016-4449 URL:https://www.debian.org/security/2016/dsa-3593  View
784202 91268 CVE-2016-4449 REDHAT:RHSA-2016:1292  View
784203 91268 CVE-2016-4449 URL:https://access.redhat.com/errata/RHSA-2016:1292  View
784204 91268 CVE-2016-4449 SLACKWARE:SSA:2016-148-01  View
784205 91268 CVE-2016-4449 URL:http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722  View
784206 91268 CVE-2016-4449 UBUNTU:USN-2994-1  View
784207 91268 CVE-2016-4449 URL:http://www.ubuntu.com/usn/USN-2994-1  View
784208 91268 CVE-2016-4449 BID:90865  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
4183 JVNDB-2016-004956 複数の Apple 製品などで使用される WebKit における任意のコードを実行される脆弱性 複数の Apple 製品などで使用される WebKit には、任意のコードを実行される、またはサービス運用妨害 (メモリ破損) 状態にされる脆弱性が存在します。 CVE-2016-4762 91268 6.8 8.8 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004956.html  View