https://bugzilla.redhat.com/show_bug.cgi?id=1301928
Bug ID: 1301928 Summary: libxml2: out-of-bounds read in htmlParseNameComplex() Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team@redhat.com Reporter: mprpic@redhat.com CC: athmanem@gmail.com, c.david86@gmail.com, erik-fedora@vanpienbroek.nl, fedora-mingw@lists.fedoraproject.org, ktietz@redhat.com, lfarkas@lfarkas.org, ohudlick@redhat.com, rjones@redhat.com, veillard@redhat.com
An out-of-bounds read flaw was reported in libxml2's htmlParseNameComplex() function:
http://seclists.org/oss-sec/2016/q1/199
A remote attacker could provide a specially crafted XML file that, when processed by an application linked against libxml2, could cause the application to disclose crash.