Description
A heap-based buffer overflow flaw was found in the way libxml2 parsed certain
crafted XML input. A remote attacker could provide a specially crafted XML file
that, when opened in an application linked against libxml2, would cause the
application to crash or execute arbitrary code with the permissions of the user
running the application. (CVE-2016-1834, CVE-2016-1840)
Multiple denial of service flaws were found in libxml2. A remote attacker could
provide a specially crafted XML file that, when processed by an application
using libxml2, could cause that application to crash.