Fluid Attacks Database

Description

XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack. In the case (stackptr == stacksize - 1), the stack will NOT be expanded. Then the new value will be written at location (++stackptr), which equals stacksize and therefore falls just outside the allocated buffer. The bug can be observed when parsing an XML file with very deep element nesting

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	libxml-parser-perl	=2.47-1 \|\| =2.47-2~deb13u1 \|\| >=0 <2.47-2	2.47-2
rpm rhel7	perl-XML-Parser	-	-
debian 12	libxml-parser-perl	=2.46-4 \|\| >=0 <2.46-4+deb12u1	2.46-4+deb12u1
debian 11	libxml-parser-perl	=2.46-2 \|\| >=0 <2.46-2+deb11u1	2.46-2+deb11u1
debian 13	libxml-parser-perl	=2.47-1 \|\| >=0 <2.47-2~deb13u1	2.47-2~deb13u1
rpm rhel10	perl-XML-Parser	<0:2.47-6.1.el10_1	0:2.47-6.1.el10_1
rpm rhel6	perl-XML-Parser	-	-
rpm rhel8	perl-XML-Parser	<0:2.44-12.el8_10	0:2.44-12.el8_10
rpm rhel9	perl-XML-Parser	<0:2.46-9.1.el9_7	0:2.46-9.1.el9_7
rpm rhel9.6	perl-XML-Parser	<0:2.46-9.el9_6.1	0:2.46-9.el9_6.1

1-10 of 13

Aliases

1. CVE-2006-100032. NVD-2006-100033. OSV-DEBIAN-2006-100034. OSV-2006-100035. SECURITY-TRACKER-CVE-2006-10003

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.