Main
Vulnerability Database
Exploits
ID:8722 - Exploit for Input validation error in xstream - CVE-2022-41966
ID:8722 - Exploit for Input validation error in xstream - CVE-2022-41966
Published: January 10, 2023
Vulnerability identifier: #VU70527
Vulnerability risk: Medium
CVE-ID: CVE-2022-41966
CWE-ID: CWE-20
Exploitation vector: Remote access
Vulnerable software:
xstream
xstream
Link to public exploit:
Vulnerability description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied XML input. A remote attacker can pass specially crafted data to the application, trigger a stack overflow error and perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.