CVE
CVE-2016-4738
| CVE ID |
CVE-2016-4738
|
|---|---|
| CVSS Score |
8.8
|
| Operating System | |
| Affected Versions | |
| Patched Versions |
libxslt-1.1.28-6_ol001.el7
|
| Patch Date |
|
| Last Updated Date | |
| Vector String |
Additional Information
OL CVE Issue Summary :
A heap overread vulnerability was found in xsltFormatNumberConversion function in libxslt. An empty decimal-separator could cause a heap overread. This can be exploited to leak a couple of bytes after the buffer that holds the pattern string.