7.1 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
8.6 High
AI Score
Confidence
Low
0.018 Low
EPSS
Percentile
88.2%
Package : libxml2
Version : 2.7.8.dfsg-2+squeeze16
CVE ID : CVE-2015-5312 CVE-2015-7497 CVE-2015-7498 CVE-2015-7499
CVE-2015-7500
Several vulnerabilities were discovered in libxml2, a library providing
support to read, modify and write XML and HTML files. A remote attacker
could provide a specially crafted XML or HTML file that, when processed
by an application using libxml2, would cause that application to use an
excessive amount of CPU, leak potentially sensitive information, or
crash the application.
CVE-2015-5312: CPU exhaustion when processing specially crafted XML input.
CVE-2015-7497: Heap-based buffer overflow in xmlDictComputeFastQKey.
CVE-2015-7498: Heap-based buffer overflow in xmlParseXmlDecl.
CVE-2015-7499: Heap-based buffer overflow in xmlGROW.
CVE-2015-7500: Heap buffer overflow in xmlParseMisc.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 8 | armel | python-libxml2-dbg | < 2.9.1+dfsg1-5+deb8u1 | python-libxml2-dbg_2.9.1+dfsg1-5+deb8u1_armel.deb |
Debian | 7 | mips | python-libxml2 | < 2.8.0+dfsg1-7+wheezy5 | python-libxml2_2.8.0+dfsg1-7+wheezy5_mips.deb |
Debian | 7 | armhf | libxml2-dbg | < 2.8.0+dfsg1-7+wheezy5 | libxml2-dbg_2.8.0+dfsg1-7+wheezy5_armhf.deb |
Debian | 7 | ia64 | libxml2-dbg | < 2.8.0+dfsg1-7+wheezy5 | libxml2-dbg_2.8.0+dfsg1-7+wheezy5_ia64.deb |
Debian | 7 | ia64 | libxml2-utils | < 2.8.0+dfsg1-7+wheezy5 | libxml2-utils_2.8.0+dfsg1-7+wheezy5_ia64.deb |
Debian | 8 | kfreebsd-i386 | libxml2 | < 2.9.1+dfsg1-5+deb8u1 | libxml2_2.9.1+dfsg1-5+deb8u1_kfreebsd-i386.deb |
Debian | 8 | i386 | libxml2-dev | < 2.9.1+dfsg1-5+deb8u1 | libxml2-dev_2.9.1+dfsg1-5+deb8u1_i386.deb |
Debian | 8 | armhf | libxml2-dbg | < 2.9.1+dfsg1-5+deb8u1 | libxml2-dbg_2.9.1+dfsg1-5+deb8u1_armhf.deb |
Debian | 8 | kfreebsd-i386 | libxml2-utils-dbg | < 2.9.1+dfsg1-5+deb8u1 | libxml2-utils-dbg_2.9.1+dfsg1-5+deb8u1_kfreebsd-i386.deb |
Debian | 7 | s390 | libxml2-utils-dbg | < 2.8.0+dfsg1-7+wheezy5 | libxml2-utils-dbg_2.8.0+dfsg1-7+wheezy5_s390.deb |