Ubuntu: (Multiple Advisories) (CVE-2017-15412): libxml2 vulnerability
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
4 | (AV:L/AC:M/Au:N/C:P/I:P/A:P) | December 08, 2017 | December 14, 2017 | December 20, 2017 |
Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
From USN-3513-2:
USN-3513-1 fixed a vulnerability in libxml2. This update provides the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
It was discovered that libxml2 incorrecty handled certain files. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!