Description
TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service.
Related CPE's
a
tinyxml_project
tinyxml
3
o
debian
debian_linux
2
References
https://lists.debian.org/debian-lts-announce/2022/04/msg00019.html
Mailing ListThird Party Advisory
https://lists.debian.org/debian-lts-announce/2022/09/msg00041.html
Mailing ListThird Party Advisory
https://sourceforge.net/p/tinyxml/bugs/141/
ExploitIssue TrackingThird Party Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 · High
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Modified
Published
2021-10-11T20:15:07.433
3 years agoLast modified
2024-01-12T03:15:08.540
1 year ago