Debian Linux Security Advisory 3309-1 - Fernando Munoz discovered that invalid HTML input passed to tidy, an HTML syntax checker and reformatter, could trigger a buffer overflow. This could allow remote attackers to cause a denial of service (crash) or potentially execute arbitrary code.
9f74172d765c78b9706ecbe3bd4c5375d3108c72d904c586aa43aebbab21d647