Buffer Vulnerability in libxslt Affecting Multiple Vendors
CVE-2019-18197

7.5HIGH

Key Information:

Vendor

Xmlsoft

Status
Libxslt
Vendor
CVE Published:
18 October 2019

What is CVE-2019-18197?

In libxslt version 1.1.33, the function xsltCopyText contains a flaw where a pointer variable is not properly reset under certain conditions. This oversight can result in writing outside the intended buffer, particularly when the relevant memory area has been freed and subsequently reused. As a consequence, such vulnerabilities may lead to unpredictable behavior including memory corruption, potential data leakage, or exposure of uninitialized memory contents, posing risks to the integrity and confidentiality of the application.

References

https://gitlab.gnome.org/GNOME/libxslt/commit/2232473733b...
x_refsource_MISC
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15914
x_refsource_MISC
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15768
x_refsource_MISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.