CVE
CVE-2016-4483
| CVE ID |
CVE-2016-4483
|
|---|---|
| CVSS Score |
7.5
|
| Operating System | |
| Affected Versions | |
| Patched Versions |
libxml2-2.9.1-6_ol011.el7.6
|
| Patch Date |
|
| Last Updated Date | |
| Vector String |
Additional Information
OL CVE Issue Summary:
xmlBufAttrSerializeTxtContent() in xmlsave.c in allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a non-UTF-8 attribute value, related to serialization. entities.c:xmlEncodeEntitiesInternal() triggers a heap-buffer-overflow read with a crafted XML payload.