CVE-2015-8317

Published: Dec 15, 2015Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.

Affected (13)

Products: Debian: Debian Linux · Canonical: Ubuntu Linux · Xmlsoft: Libxml2 · +2 more

Show all products

Debian: Debian Linux · Canonical: Ubuntu Linux · Xmlsoft: Libxml2 · Redhat: Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Server, Enterprise Linux Workstation · Hp: Icewall Federation Agent, Icewall File Manager

1 product

1 product

1 product

4 products

Enterprise Linux Desktop

Enterprise Linux Hpc Node

Enterprise Linux Server

Enterprise Linux Workstation

2 products

Icewall Federation Agent

Icewall File Manager

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 7.0
Debian Debian Linux	Version 8.0

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 12.04
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 15.04
Canonical Ubuntu Linux	Version 15.10

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Xmlsoft Libxml2	Up to 2.9.2

Configuration D

4 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 6.0
Redhat Enterprise Linux Hpc Node	Version 6.0
Redhat Enterprise Linux Server	Version 6.0
Redhat Enterprise Linux Workstation	Version 6.0

Configuration E

2 vulnerable

Vulnerable Software	Affected Versions
Hp Icewall Federation Agent	Version 3.0
Hp Icewall File Manager	Version 3.0

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (64)

http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=145382616617563&w=2

Source: cve@mitre.org

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-2549.html

Source: cve@mitre.org

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-1089.html

Source: cve@mitre.org

http://www.debian.org/security/2015/dsa-3430

Source: cve@mitre.org

Third Party Advisory

http://www.openwall.com/lists/oss-security/2015/11/21/1

Source: cve@mitre.org

http://www.openwall.com/lists/oss-security/2015/11/22/3

Source: cve@mitre.org

http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

Source: cve@mitre.org

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/77681

Source: cve@mitre.org

http://www.securityfocus.com/bid/91826

Source: cve@mitre.org

http://www.securitytracker.com/id/1034243

Source: cve@mitre.org

http://www.ubuntu.com/usn/USN-2834-1

Source: cve@mitre.org

Third Party Advisory

https://blog.fuzzing-project.org/28-Libxml2-Several-out-of-bounds-reads.html

Source: cve@mitre.org

https://bugzilla.gnome.org/show_bug.cgi?id=751603

Source: cve@mitre.org

Issue Tracking

https://bugzilla.gnome.org/show_bug.cgi?id=751631

Source: cve@mitre.org

ExploitIssue Tracking

https://bugzilla.redhat.com/show_bug.cgi?id=1281930

Source: cve@mitre.org

ExploitIssue Tracking

https://git.gnome.org/browse/libxml2/commit/?id=709a952110e98621c9b78c4f26462a9d8333102e

Source: cve@mitre.org

https://git.gnome.org/browse/libxml2/commit/?id=9aa37588ee78a06ca1379a9d9356eab16686099c

Source: cve@mitre.org

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172

Source: cve@mitre.org

Third Party Advisory

https://support.apple.com/HT206899

Source: cve@mitre.org

https://support.apple.com/HT206901

Source: cve@mitre.org

https://support.apple.com/HT206902

Source: cve@mitre.org

https://support.apple.com/HT206903

Source: cve@mitre.org

https://support.apple.com/HT206904

Source: cve@mitre.org

https://support.apple.com/HT206905

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html