Showing 1 - 3 of 3

CVE-2015-5523

Status Candidate

Overview

The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which triggers a large memory allocation.

Related Files

Apple Security Advisory 2015-09-16-1: Posted Sep 19, 2015; Authored by Apple | Site apple.com; Apple Security Advisory 2015-09-16-1 - iOS 9 is now available and addresses denial of service, information disclosure, and various other issues.; tags | advisory, denial of service, info disclosure; systems | cisco, apple, ios; advisories | CVE-2013-3951, CVE-2014-8146, CVE-2014-8611, CVE-2015-0286, CVE-2015-0287, CVE-2015-1129, CVE-2015-1205, CVE-2015-3801, CVE-2015-5522, CVE-2015-5523, CVE-2015-5748, CVE-2015-5764, CVE-2015-5765, CVE-2015-5767, CVE-2015-5788, CVE-2015-5789, CVE-2015-5790, CVE-2015-5791, CVE-2015-5792, CVE-2015-5793, CVE-2015-5794, CVE-2015-5795, CVE-2015-5796, CVE-2015-5797, CVE-2015-5799, CVE-2015-5800, CVE-2015-5801, CVE-2015-5802; SHA-256 | 9fd697c7c99863744ab08fa1e360cde32e9825a823a4a708279ed659764693f2; Download | Favorite | View

Ubuntu Security Notice USN-2695-1: Posted Aug 3, 2015; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2695-1 - Fernando Munoz discovered that HTML Tidy incorrectly handled memory. If a user or automated system were tricked into processing specially crafted data, applications linked against HTML Tidy could be made to crash, leading to a denial of service, or possibly execute arbitrary code.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2015-5522, CVE-2015-5523; SHA-256 | 336dfd98983f47de9f0d69470b93d230134fc1c320550ad9eac0643342f45923; Download | Favorite | View

Debian Security Advisory 3309-1: Posted Jul 20, 2015; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3309-1 - Fernando Munoz discovered that invalid HTML input passed to tidy, an HTML syntax checker and reformatter, could trigger a buffer overflow. This could allow remote attackers to cause a denial of service (crash) or potentially execute arbitrary code.; tags | advisory, remote, denial of service, overflow, arbitrary; systems | linux, debian; advisories | CVE-2015-5522, CVE-2015-5523; SHA-256 | 9f74172d765c78b9706ecbe3bd4c5375d3108c72d904c586aa43aebbab21d647; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 269 files
Ubuntu 94 files
indoushka 31 files
Gentoo 29 files
Debian 12 files
tmrswrr 7 files
Sina Kheirkhah 7 files
Google Security Research 6 files
Jann Horn 5 files
Rodolfo Tavares 4 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,084)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,534)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,556)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,418)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,700)
UNIX (9,431)
UnixWare (187)
Windows (6,667)
Other

CVE-2015-5523

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems