← Back

CVE-2016-1840

nvd nist
Published: May 20, 2016Modified: May 6, 2026

JSON object

Loading...
7.8
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.

Affected (30)

Show all products
Debian: Debian Linux · Apple: Iphone Os, Mac Os X, Tvos, Watchos · Canonical: Ubuntu Linux · Redhat: Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Aus, Enterprise Linux Server Eus, Enterprise Linux Server Tus, Enterprise Linux Workstation · Xmlsoft: Libxml2 · Mcafee: Web Gateway
Debian
1 product
Debian Linux
Apple
4 products
Iphone Os
Mac Os X
Tvos
Watchos
Canonical
1 product
Ubuntu Linux
Redhat
6 products
Enterprise Linux Desktop
Enterprise Linux Server
Enterprise Linux Server Aus
Enterprise Linux Server Eus
Enterprise Linux Server Tus
Enterprise Linux Workstation
Xmlsoft
1 product
Libxml2
Mcafee
1 product
Web Gateway
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Debian Linux
Version 8.0
Configuration B
4 vulnerable
Vulnerable SoftwareAffected Versions
Iphone Os
Before 9.3.2
Mac Os X
Before 10.11.5
Tvos
Before 9.2.1
Watchos
Before 2.2.1
Configuration C
4 vulnerable
Vulnerable SoftwareAffected Versions
Canonical
Ubuntu Linux
Version 12.04
Ubuntu Linux
Version 14.04
Ubuntu Linux
Version 15.10
Ubuntu Linux
Version 16.04
Configuration D
18 vulnerable
Vulnerable SoftwareAffected Versions
Redhat
Enterprise Linux Desktop
Version 6.0
Enterprise Linux Desktop
Version 7.0
Redhat
Enterprise Linux Server
Version 6.0
Enterprise Linux Server
Version 7.0
Redhat
Enterprise Linux Server Aus
Version 7.2
Enterprise Linux Server Aus
Version 7.3
Enterprise Linux Server Aus
Version 7.4
Enterprise Linux Server Aus
Version 7.6
Redhat
Enterprise Linux Server Eus
Version 7.2
Enterprise Linux Server Eus
Version 7.3
Enterprise Linux Server Eus
Version 7.4
Enterprise Linux Server Eus
Version 7.5
Enterprise Linux Server Eus
Version 7.6
Redhat
Enterprise Linux Server Tus
Version 7.2
Enterprise Linux Server Tus
Version 7.3
Enterprise Linux Server Tus
Version 7.6
Redhat
Enterprise Linux Workstation
Version 6.0
Enterprise Linux Workstation
Version 7.0
Configuration E
1 vulnerable
Vulnerable SoftwareAffected Versions
Libxml2
Before 2.9.4
Configuration F
2 vulnerable
Vulnerable SoftwareAffected Versions
Mcafee
Web Gateway
From 7.5.0.0 to 7.5.2.10
Web Gateway
From 7.6.0.0 to 7.6.2.3

Related CWEs

CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (46)

Source: product-security@apple.com
Mailing ListVendor Advisory
Source: product-security@apple.com
Mailing ListVendor Advisory
Source: product-security@apple.com
Mailing ListVendor Advisory
Source: product-security@apple.com
Mailing ListVendor Advisory
Source: product-security@apple.com
Third Party Advisory
Source: product-security@apple.com
Third Party Advisory
Source: product-security@apple.com
Third Party Advisory
Source: product-security@apple.com
Third Party Advisory
Source: product-security@apple.com
Third Party AdvisoryVDB Entry
Source: product-security@apple.com
Third Party AdvisoryVDB Entry
Source: product-security@apple.com
Third Party Advisory
Source: product-security@apple.com
Release NotesVendor Advisory
Source: product-security@apple.com
Third Party Advisory
Source: product-security@apple.com
ExploitIssue TrackingThird Party Advisory
Source: product-security@apple.com
PatchThird Party Advisory
Source: product-security@apple.com
PatchThird Party Advisory
Source: product-security@apple.com
Third Party Advisory
Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Third Party Advisory
Source: product-security@apple.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue TrackingThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.