Vulnerability identifier: #VU24488
Vulnerability risk: Medium
Exploitation vector: Network
Exploit availability: No
Vendor: Gnome Development Team
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop in xmlStringLenDecodeEntities in parser.c. A remote attacker can consume all available system resources and cause denial of service conditions in a certain end-of-file situation.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versions
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?