Buffer overflow in libxml2
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2016-1834 |
| CWE-ID | CWE-119 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Libxml2 Universal components / Libraries / Libraries used by multiple products |
| Vendor | Gnome Development Team |
Security Bulletin
This security bulletin contains one high risk vulnerability.
1) Buffer overflow
EUVDB-ID: #VU109824
Risk: High
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-1834
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to heap-based buffer overflow in the xmlStrncat function in libxml2. A local user can trick the victim into opening a specially crafted file to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
MitigationInstall update from vendor's website.
Vulnerable software versionsLibxml2: 1.7.0 - 2.9.3
CPE2.3- cpe:2.3:a:gnome:libxml2:1.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:libxml2:1.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:libxml2:1.7.2:*:*:*:*:*:*:*
https://lists.apple.com/archives/security-announce/2016/May/msg00001.html
https://lists.apple.com/archives/security-announce/2016/May/msg00002.html
https://lists.apple.com/archives/security-announce/2016/May/msg00003.html
https://lists.apple.com/archives/security-announce/2016/May/msg00004.html
https://rhn.redhat.com/errata/RHSA-2016-2957.html
https://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
https://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
https://www.securityfocus.com/bid/90691
https://www.securitytracker.com/id/1035890
https://www.ubuntu.com/usn/USN-2994-1
https://xmlsoft.org/news.html
https://access.redhat.com/errata/RHSA-2016:1292
https://bugzilla.gnome.org/show_bug.cgi?id=763071
https://git.gnome.org/browse/libxml2/commit/?id=8fbbf5513d609c1770b391b99e33314cd0742704
https://kc.mcafee.com/corporate/index?page=content&id=SB10170
https://support.apple.com/HT206564
https://support.apple.com/HT206566
https://support.apple.com/HT206567
https://support.apple.com/HT206568
https://www.debian.org/security/2016/dsa-3593
https://www.tenable.com/security/tns-2016-18
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
