CVE-2016-9597

7.5HIGH

Key Information:

Vendor: Red Hat
Status: Libxml2
Vendor: CVE Published:; 30 July 2018

Summary

It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705.

Affected Version(s)

libxml2 all

References

http://www.securityfocus.com/bid/98567

vdb-entryx_refsource_BID

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9597

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 30, 2018
Vulnerability Reserved
Nov 23, 2016