CVE-2015-7497

medium HPE
CVSS v3 Base Score
5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS Score
3.1%
Exploitation probability in 30 days
Top 13% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
None
Integrity
None
Availability
P
Published: December 15, 2015 (3803 days ago)
Last Modified: May 6, 2026
Vendor: HPE
Source: NVD

Description

Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.

CWE

CWE-119

Affected Products

debian debian linuxcanonical ubuntu linuxxmlsoft libxml2redhat enterprise linux desktopredhat enterprise linux hpc noderedhat enterprise linux serverredhat enterprise linux workstationhp icewall federation agenthp icewall file manager

References

🔗 lists.opensuse.org 🔗 lists.opensuse.org 🔗 marc.info 🔗 rhn.redhat.com 🔗 rhn.redhat.com