Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2015-7497
HistoryDec 15, 2015 - 9:59 p.m.

CVE-2015-7497

2015-12-1521:59:01
CWE-119
[email protected]
web.nvd.nist.gov
74
cve-2015-7497
heap-based buffer overflow
xmldictcomputefastqkey
libxml2
nvd
denial of service

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.2%

JSON

Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.

Affected configurations

NVD
Node
debiandebian_linuxMatch7.0
OR
debiandebian_linuxMatch8.0
Node
canonicalubuntu_linuxMatch12.04lts
OR
canonicalubuntu_linuxMatch14.04lts
OR
canonicalubuntu_linuxMatch15.04
OR
canonicalubuntu_linuxMatch15.10
Node
xmlsoftlibxml2Range2.9.2
Node
redhatenterprise_linux_desktopMatch6.0
OR
redhatenterprise_linux_hpc_nodeMatch6.0
OR
redhatenterprise_linux_serverMatch6.0
OR
redhatenterprise_linux_workstationMatch6.0
Node
hpicewall_federation_agentMatch3.0
OR
hpicewall_file_managerMatch3.0

Related

veracode 4
nvd 1
debiancve 1
prion 1
ubuntucve 1
cvelist 1
openvas 16
nessus 25
debian 3
osv 33
ubuntu 1
cloudfoundry 1
fedora 2
mageia 1
ibm 11
redhat 2
rubygems 1
oraclelinux 2
centos 2
freebsd 1
archlinux 1
amazon 2
f5 1
gentoo 1
suse 1
tenable 1
veracode
veracode
Heap-based Buffer Overflow
2018-08-07 08:22:00
Denial Of Service (DoS)
2019-05-02 05:51:46
Information Disclosure
2019-05-02 05:51:46
nvd
nvd
CVE-2015-7497
2015-12-15 21:59:01
debiancve
debiancve
CVE-2015-7497
2015-12-15 21:59:01
prion
prion
Heap overflow
2015-12-15 21:59:00
ubuntucve
ubuntucve
CVE-2015-7497
2015-11-26 00:00:00
cvelist
cvelist
CVE-2015-7497
2015-12-15 21:00:00
openvas
openvas
Debian: Security Advisory (DLA-373-1)
2023-03-08 00:00:00
Ubuntu: Security Advisory (USN-2834-1)
2015-12-15 00:00:00
Mageia: Security Advisory (MGASA-2015-0457)
2015-11-27 00:00:00
nessus
nessus
Debian DLA-373-1 : libxml2 security update
2015-12-29 00:00:00
Ubuntu 14.04 LTS : libxml2 vulnerabilities (USN-2834-1)
2015-12-15 00:00:00
OracleVM 3.3 : libxml2 (OVMSA-2015-0152)
2015-12-08 00:00:00
debian
debian
[SECURITY] [DLA 373-1] libxml2 security update
2015-12-26 13:08:39
[SECURITY] [DSA 3430-1] libxml2 security update
2015-12-23 13:19:18
[SECURITY] [DSA 3430-1] libxml2 security update
2015-12-23 13:19:18
osv
osv
libxml2 - security update
2015-12-26 00:00:00
CVE-2016-9597
2018-07-30 14:29:02
CVE-2016-4483
2017-04-11 16:59:00
ubuntu
ubuntu
libxml2 vulnerabilities
2015-12-14 00:00:00
cloudfoundry
cloudfoundry
USN-2834-1 libxml2 vulnerability | Cloud Foundry
2016-01-07 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: libxml2-2.9.3-1.fc22
2015-11-30 23:26:43
[SECURITY] Fedora 23 Update: libxml2-2.9.3-1.fc23
2015-11-26 21:01:32
mageia
mageia
Updated libxml2 packages fix security vulnerabilities
2015-11-26 23:47:39
ibm
ibm
Security Bulletin: Vulnerabilities in XML processing affect IBM DataPower Gateways
2021-06-08 22:18:27
Security Bulletin: Multiple vulnerabilities in Libxml2 affect IBM Security Network Protection
2018-06-16 21:39:19
Security Bulletin: Multiple vulnerabilities in libxml2 affect IBM Cognos Metrics Manager (CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8035, CVE-2015-8241, CVE-2015-8317)
2018-06-15 23:15:11
redhat
redhat
(RHSA-2015:2549) Moderate: libxml2 security update
2015-12-07 00:00:00
(RHSA-2015:2550) Moderate: libxml2 security update
2015-12-07 10:04:33
rubygems
rubygems
Nokogiri gem contains several vulnerabilities in libxml2
2015-12-14 21:00:00
oraclelinux
oraclelinux
libxml2 security update
2015-12-07 00:00:00
libxml2 security update
2015-12-07 00:00:00
centos
centos
libxml2 security update
2015-12-07 13:26:33
libxml2 security update
2015-12-07 20:38:05
freebsd
freebsd
libxml2 -- multiple vulnerabilities
2015-11-20 00:00:00
archlinux
archlinux
libxml2: multiple issues
2015-12-09 00:00:00
amazon
amazon
Medium: libxml2
2015-12-14 10:00:00
Medium: libxml2
2019-05-29 19:14:00
f5
f5
K61570943 : Multiple libXML2 vulnerabilities
2016-02-15 00:00:00
gentoo
gentoo
libxml2: Multiple vulnerabilities
2017-01-16 00:00:00
suse
suse
Security update for sles12-docker-image (important)
2016-03-16 15:28:52
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.2%

JSON
Related for CVE-2015-7497
veracode4nvd1debiancve1prion1ubuntucve1cvelist1openvas16nessus25debian3osv33ubuntu1cloudfoundry1fedora2mageia1ibm11redhat2rubygems1oraclelinux2centos2freebsd1archlinux1amazon2f51gentoo1suse1tenable1