Denial of Service Exposure in libxml2 Affects Multiple Vendors
CVE-2015-7942
Currently unrated
Key Information:
- Vendor
HP
- Vendor
- CVE Published:
- 18 November 2015
What is CVE-2015-7942?
The xmlParseConditionalSections function in libxml2 has a flaw where it fails to adequately skip intermediary entities when invalid input is encountered. This vulnerability allows attackers to leverage crafted XML data to induce a denial of service, leading to an out-of-bounds read and possible program crash. It poses significant risks for applications relying on libxml2 for XML processing, affecting the stability and security of impacted systems.