Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
07 Nov 2023, 02:39
Type | Values Removed | Values Added |
---|---|---|
References | () https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html - | |
References | () https://security.gentoo.org/glsa/201801-03 - | |
References | () https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html - | |
References | () http://www.securitytracker.com/id/1040348 - | |
References | () https://crbug.com/727039 - | |
References | () https://access.redhat.com/errata/RHSA-2018:0287 - | |
References | () https://access.redhat.com/errata/RHSA-2017:3401 - | |
References | () https://www.debian.org/security/2018/dsa-4086 - | |
References | () https://bugzilla.gnome.org/show_bug.cgi?id=783160 - |
Information
Published : 2018-08-28 19:29
Updated : 2024-02-28 16:48
NVD link : CVE-2017-15412
Mitre link : CVE-2017-15412
CVE.ORG link : CVE-2017-15412
JSON object : View
Products Affected
debian
- debian_linux
redhat
- enterprise_linux_workstation
- enterprise_linux_server
- enterprise_linux_desktop
- chrome
xmlsoft
- libxml2
CWE
CWE-416
Use After Free