A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxml_string_getc:2611. NOTE: it is unclear whether this input is allowed by the API specification
References
Link | Resource |
---|---|
https://github.com/michaelrsweet/mxml/issues/286 | Exploit Issue Tracking Third Party Advisory |
Configurations
History
07 Nov 2023, 03:39
Type | Values Removed | Values Added |
---|---|---|
Summary | A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxml_string_getc:2611. NOTE: it is unclear whether this input is allowed by the API specification |
Information
Published : 2022-05-26 12:15
Updated : 2024-08-04 04:16
NVD link : CVE-2021-42860
Mitre link : CVE-2021-42860
CVE.ORG link : CVE-2021-42860
JSON object : View
Products Affected
mini-xml_project
- mini-xml
CWE
CWE-772
Missing Release of Resource after Effective Lifetime