Fluid Attacks Database

Description

Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	libxml2	>=0 <2.9.4+dfsg1-3.1	2.9.4+dfsg1-3.1
debian 12	libxml2	>=0 <2.9.4+dfsg1-3.1	2.9.4+dfsg1-3.1
debian 11	libxml2	>=0 <2.9.4+dfsg1-3.1	2.9.4+dfsg1-3.1
nuget	libxml2	>=0 <2.9.5	-
debian 13	libxml2	>=0 <2.9.4+dfsg1-3.1	2.9.4+dfsg1-3.1

Aliases

1. CVE-2017-73762. NVD-2017-73763. OSV-DEBIAN-2017-73764. OSV-2017-73765. GCVE-2017-73766. SECURITY-TRACKER-CVE-2017-7376

References

1. https://github.com/brahmstaedt/libxml2-exploit

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.