The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.
References
Link | Resource |
---|---|
https://sourceforge.net/p/ezxml/bugs/21/ | Exploit Third Party Advisory |
Configurations
History
10 Feb 2021, 19:16
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-787 | |
CVSS |
v2 : v3 : |
v2 : 5.8
v3 : 8.1 |
CPE | cpe:2.3:a:ezxml_project:ezxml:*:*:*:*:*:*:*:* | |
References | (MISC) https://sourceforge.net/p/ezxml/bugs/21/ - Exploit, Third Party Advisory |
08 Feb 2021, 21:47
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-02-08 21:15
Updated : 2023-12-10 13:41
NVD link : CVE-2021-26221
Mitre link : CVE-2021-26221
CVE.ORG link : CVE-2021-26221
JSON object : View
Products Affected
ezxml_project
- ezxml
CWE
CWE-787
Out-of-bounds Write