CVE-2019-20200
31.12.2019, 21:15
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing crafted a XML file, performs incorrect memory handling, leading to a heap-based buffer over-read in the "normalize line endings" feature.Enginsight
| Vendor | Product | Version |
|---|---|---|
| ezxml_project | ezxml | 0.8.3 ≤ 𝑥 ≤ 0.8.6 |
𝑥
= Vulnerable software versions
Debian Releases
Debian Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| mapcache |
| ||||||||||||
| netcdf |
| ||||||||||||
| netcdf-parallel |
| ||||||||||||
| scilab |
|
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| mapcache |
| ||||||||||||||||||||||||
| navit |
| ||||||||||||||||||||||||
| netcdf |
| ||||||||||||||||||||||||
| netcdf-parallel |
| ||||||||||||||||||||||||
| scilab |
|
Common Weakness Enumeration