1. Home
  2. Vulnerabilities
  3. CVE-2016-4447

CVE-2016-4447

CVSS v3.0 7.5 (High)
75% Progress
CVSS v2.0 5 (Medium)
50% Progress
EPSS 0.16 % (53th)
0.16% Progress
Affected Products 12
Advisories 13
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.

Weaknesses
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2016-06-09 16:59:05
(8 years ago)
Updated Date
2023-02-12 23:21:18
(19 months ago)

Affected Products

Apple

Canonical

Debian

Hp

Mcafee

Microsoft

Oracle

Xmlsoft

Configuration #1

AND
    CPE23 From Up To
OR  
  Hp Icewall Federation Agent 3.0 cpe:2.3:a:hp:icewall_federation_agent:3.0

Configuration #2

AND
    CPE23 From Up To
OR  
  Canonical Ubuntu Linux 12.04 cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts
OR  
  Running on/with
  Canonical Ubuntu Linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts
OR  
  Running on/with
  Canonical Ubuntu Linux 15.10 cpe:2.3:o:canonical:ubuntu_linux:15.10
OR  
  Running on/with
  Canonical Ubuntu Linux 16.04 cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts

Configuration #3

AND
    CPE23 From Up To
OR  
  Debian Linux 7.0 cpe:2.3:o:debian:debian_linux:7.0
OR  
  Running on/with
  Debian Linux 8.0 cpe:2.3:o:debian:debian_linux:8.0

Configuration #4

AND
    CPE23 From Up To
OR  
  Oracle Vm Server 3.3 cpe:2.3:o:oracle:vm_server:3.3
OR  
  Running on/with
  Oracle Vm Server 3.4 cpe:2.3:o:oracle:vm_server:3.4

Configuration #5

AND
    CPE23 From Up To
OR  
  Apple Itunes 12.4.1 cpe:2.3:a:apple:itunes:12.4.1
OR  
  Running on/with
  Microsoft Windows cpe:2.3:o:microsoft:windows

Configuration #6

AND
    CPE23 From Up To
OR  
  Apple Iphone Os 9.3.2 and prior versions cpe:2.3:o:apple:iphone_os <= 9.3.2
OR  
  Running on/with
  Apple Mac Os X 10.11.5 and prior versions cpe:2.3:o:apple:mac_os_x <= 10.11.5
OR  
  Running on/with
  Apple Tvos 9.2.1 and prior versions cpe:2.3:o:apple:tvos <= 9.2.1
OR  
  Running on/with
  Apple Watchos 2.2.1 and prior versions cpe:2.3:o:apple:watchos <= 2.2.1

Configuration #7

AND
    CPE23 From Up To
OR  
  Xmlsoft Libxml2 2.9.3 and prior versions cpe:2.3:a:xmlsoft:libxml2 <= 2.9.3

Configuration #8

AND
    CPE23 From Up To
OR  
  Mcafee Web Gateway from 7.5.0.0 version and 7.5.2.10 and prior versions cpe:2.3:a:mcafee:web_gateway >= 7.5.0.0 <= 7.5.2.10
OR  
  Running on/with
  Mcafee Web Gateway from 7.6.0.0 version and 7.6.2.3 and prior versions cpe:2.3:a:mcafee:web_gateway >= 7.6.0.0 <= 7.6.2.3