Buffer Underread Vulnerability in libxml2 Affecting Multiple Platforms
CVE-2016-4447
7.5HIGH
What is CVE-2016-4447?
The xmlParseElementDecl function in libxml2 versions before 2.9.4 is vulnerable to a buffer underread issue, which can lead to a denial of service. An attacker can exploit this vulnerability by supplying a crafted XML file that causes the application to crash. This edge case occurs during the parsing process, specifically within the xmlParseName function, allowing context-dependent attackers to disrupt service and impact system reliability.