Expat CVE-2016-4472 Incomplete Fix Remote Code Execution Vulnerability

Expat library is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code or crash the affected application, resulting in denial-of-service conditions.

Note: This issue is the result of an incomplete fix for the CVE-2015-1283 described in 75973 (Google Chrome Prior to 44.0.2403.89 Multiple Security Vulnerabilities) and CVE-2015-2716 described in 74611 (Mozilla Firefox and Thunderbird MFSA 2015-48 through -58 Multiple Vulnerabilities).


 

Privacy Statement
Copyright 2010, SecurityFocus