[Bug 1301928] New: libxml2: out-of-bounds read in htmlParseNameComplex()

https://bugzilla.redhat.com/show_bug.cgi?id=1301928 Bug ID: 1301928 Summary: libxml2: out-of-bounds read in htmlParseNameComplex() Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: mprpic(a)redhat.com CC: athmanem(a)gmail.com, c.david86(a)gmail.com, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, ktietz(a)redhat.com, lfarkas(a)lfarkas.org, ohudlick(a)redhat.com, rjones(a)redhat.com, veillard(a)redhat.com An out-of-bounds read flaw was reported in libxml2's htmlParseNameComplex() function: http://seclists.org/oss-sec/2016/q1/199 A remote attacker could provide a specially crafted XML file that, when processed by an application linked against libxml2, could cause the application to disclose crash. -- You are receiving this mail because: You are on the CC list for the bug.