Apple Watchos : Security vulnerabilities, CVEs published in August 2015

Copy

CVE-2015-5523

The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which triggers a large memory allocation.

Max CVSS

4.3

EPSS Score

1.54%

Published

2015-08-11

Updated

2016-12-08

CVE-2015-5522

Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.

Max CVSS

6.8

EPSS Score

1.55%

Published

2015-08-11

Updated

2016-12-08

CVE-2015-1819

The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.

Max CVSS

5.0

EPSS Score

2.49%

Published

2015-08-14

Updated

2019-12-27

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!