CVE-2016-1836

Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via a crafted XML document.

Published: 2016-05-20 10:59
Updated: 2019-03-25 17:25

CVSS Score: 4.3 / 10
Vendor Product Version URI
Mcafee Web Gateway 7.5.2.10 cpe:/a:mcafee:web_gateway:7.5.2.10
Mcafee Web Gateway 7.6.2.3 cpe:/a:mcafee:web_gateway:7.6.2.3
Xmlsoft Libxml2 - cpe:/a:xmlsoft:libxml2:-
Xmlsoft Libxml2 1.7.0 cpe:/a:xmlsoft:libxml2:1.7.0
Xmlsoft Libxml2 1.7.1 cpe:/a:xmlsoft:libxml2:1.7.1
Xmlsoft Libxml2 1.7.2 cpe:/a:xmlsoft:libxml2:1.7.2
Xmlsoft Libxml2 1.7.3 cpe:/a:xmlsoft:libxml2:1.7.3
Xmlsoft Libxml2 1.7.4 cpe:/a:xmlsoft:libxml2:1.7.4
Xmlsoft Libxml2 1.8.0 cpe:/a:xmlsoft:libxml2:1.8.0
Xmlsoft Libxml2 1.8.1 cpe:/a:xmlsoft:libxml2:1.8.1
Xmlsoft Libxml2 1.8.2 cpe:/a:xmlsoft:libxml2:1.8.2
Xmlsoft Libxml2 1.8.3 cpe:/a:xmlsoft:libxml2:1.8.3
Xmlsoft Libxml2 1.8.4 cpe:/a:xmlsoft:libxml2:1.8.4
Xmlsoft Libxml2 1.8.5 cpe:/a:xmlsoft:libxml2:1.8.5
Xmlsoft Libxml2 1.8.6 cpe:/a:xmlsoft:libxml2:1.8.6
Xmlsoft Libxml2 1.8.7 cpe:/a:xmlsoft:libxml2:1.8.7
Xmlsoft Libxml2 1.8.9 cpe:/a:xmlsoft:libxml2:1.8.9
Xmlsoft Libxml2 1.8.10 cpe:/a:xmlsoft:libxml2:1.8.10
Xmlsoft Libxml2 1.8.13 cpe:/a:xmlsoft:libxml2:1.8.13
Xmlsoft Libxml2 1.8.14 cpe:/a:xmlsoft:libxml2:1.8.14
Xmlsoft Libxml2 1.8.16 cpe:/a:xmlsoft:libxml2:1.8.16
Xmlsoft Libxml2 2.0.0 cpe:/a:xmlsoft:libxml2:2.0.0
Xmlsoft Libxml2 2.1.0 cpe:/a:xmlsoft:libxml2:2.1.0
Xmlsoft Libxml2 2.1.1 cpe:/a:xmlsoft:libxml2:2.1.1
Xmlsoft Libxml2 2.2.0 cpe:/a:xmlsoft:libxml2:2.2.0
Xmlsoft Libxml2 2.2.0 cpe:/a:xmlsoft:libxml2:2.2.0:beta
Xmlsoft Libxml2 2.2.1 cpe:/a:xmlsoft:libxml2:2.2.1
Xmlsoft Libxml2 2.2.2 cpe:/a:xmlsoft:libxml2:2.2.2
Xmlsoft Libxml2 2.2.3 cpe:/a:xmlsoft:libxml2:2.2.3
Xmlsoft Libxml2 2.2.4 cpe:/a:xmlsoft:libxml2:2.2.4
Xmlsoft Libxml2 2.2.5 cpe:/a:xmlsoft:libxml2:2.2.5
Xmlsoft Libxml2 2.2.6 cpe:/a:xmlsoft:libxml2:2.2.6
Xmlsoft Libxml2 2.2.7 cpe:/a:xmlsoft:libxml2:2.2.7
Xmlsoft Libxml2 2.2.8 cpe:/a:xmlsoft:libxml2:2.2.8
Xmlsoft Libxml2 2.2.9 cpe:/a:xmlsoft:libxml2:2.2.9
Xmlsoft Libxml2 2.2.10 cpe:/a:xmlsoft:libxml2:2.2.10
Xmlsoft Libxml2 2.2.11 cpe:/a:xmlsoft:libxml2:2.2.11
Xmlsoft Libxml2 2.3.0 cpe:/a:xmlsoft:libxml2:2.3.0
Xmlsoft Libxml2 2.3.1 cpe:/a:xmlsoft:libxml2:2.3.1
Xmlsoft Libxml2 2.3.2 cpe:/a:xmlsoft:libxml2:2.3.2
Xmlsoft Libxml2 2.3.3 cpe:/a:xmlsoft:libxml2:2.3.3
Xmlsoft Libxml2 2.3.4 cpe:/a:xmlsoft:libxml2:2.3.4
Xmlsoft Libxml2 2.3.5 cpe:/a:xmlsoft:libxml2:2.3.5
Xmlsoft Libxml2 2.3.6 cpe:/a:xmlsoft:libxml2:2.3.6
Xmlsoft Libxml2 2.3.7 cpe:/a:xmlsoft:libxml2:2.3.7
Xmlsoft Libxml2 2.3.8 cpe:/a:xmlsoft:libxml2:2.3.8
Xmlsoft Libxml2 2.3.9 cpe:/a:xmlsoft:libxml2:2.3.9
Xmlsoft Libxml2 2.3.10 cpe:/a:xmlsoft:libxml2:2.3.10
Xmlsoft Libxml2 2.3.11 cpe:/a:xmlsoft:libxml2:2.3.11
Xmlsoft Libxml2 2.3.12 cpe:/a:xmlsoft:libxml2:2.3.12
Xmlsoft Libxml2 2.3.13 cpe:/a:xmlsoft:libxml2:2.3.13
Xmlsoft Libxml2 2.3.14 cpe:/a:xmlsoft:libxml2:2.3.14
Xmlsoft Libxml2 2.4.1 cpe:/a:xmlsoft:libxml2:2.4.1
Xmlsoft Libxml2 2.4.2 cpe:/a:xmlsoft:libxml2:2.4.2
Xmlsoft Libxml2 2.4.3 cpe:/a:xmlsoft:libxml2:2.4.3
Xmlsoft Libxml2 2.4.4 cpe:/a:xmlsoft:libxml2:2.4.4
Xmlsoft Libxml2 2.4.5 cpe:/a:xmlsoft:libxml2:2.4.5
Xmlsoft Libxml2 2.4.6 cpe:/a:xmlsoft:libxml2:2.4.6
Xmlsoft Libxml2 2.4.7 cpe:/a:xmlsoft:libxml2:2.4.7
Xmlsoft Libxml2 2.4.8 cpe:/a:xmlsoft:libxml2:2.4.8
Xmlsoft Libxml2 2.4.9 cpe:/a:xmlsoft:libxml2:2.4.9
Xmlsoft Libxml2 2.4.10 cpe:/a:xmlsoft:libxml2:2.4.10
Xmlsoft Libxml2 2.4.11 cpe:/a:xmlsoft:libxml2:2.4.11
Xmlsoft Libxml2 2.4.12 cpe:/a:xmlsoft:libxml2:2.4.12
Xmlsoft Libxml2 2.4.13 cpe:/a:xmlsoft:libxml2:2.4.13
Xmlsoft Libxml2 2.4.14 cpe:/a:xmlsoft:libxml2:2.4.14
Xmlsoft Libxml2 2.4.15 cpe:/a:xmlsoft:libxml2:2.4.15
Xmlsoft Libxml2 2.4.16 cpe:/a:xmlsoft:libxml2:2.4.16
Xmlsoft Libxml2 2.4.17 cpe:/a:xmlsoft:libxml2:2.4.17
Xmlsoft Libxml2 2.4.18 cpe:/a:xmlsoft:libxml2:2.4.18
Xmlsoft Libxml2 2.4.19 cpe:/a:xmlsoft:libxml2:2.4.19
Xmlsoft Libxml2 2.4.20 cpe:/a:xmlsoft:libxml2:2.4.20
Xmlsoft Libxml2 2.4.21 cpe:/a:xmlsoft:libxml2:2.4.21
Xmlsoft Libxml2 2.4.22 cpe:/a:xmlsoft:libxml2:2.4.22
Xmlsoft Libxml2 2.4.23 cpe:/a:xmlsoft:libxml2:2.4.23
Xmlsoft Libxml2 2.4.24 cpe:/a:xmlsoft:libxml2:2.4.24
Xmlsoft Libxml2 2.4.25 cpe:/a:xmlsoft:libxml2:2.4.25
Xmlsoft Libxml2 2.4.26 cpe:/a:xmlsoft:libxml2:2.4.26
Xmlsoft Libxml2 2.4.27 cpe:/a:xmlsoft:libxml2:2.4.27
Xmlsoft Libxml2 2.4.28 cpe:/a:xmlsoft:libxml2:2.4.28
Xmlsoft Libxml2 2.4.29 cpe:/a:xmlsoft:libxml2:2.4.29
Xmlsoft Libxml2 2.4.30 cpe:/a:xmlsoft:libxml2:2.4.30
Xmlsoft Libxml2 2.5.0 cpe:/a:xmlsoft:libxml2:2.5.0
Xmlsoft Libxml2 2.5.4 cpe:/a:xmlsoft:libxml2:2.5.4
Xmlsoft Libxml2 2.5.7 cpe:/a:xmlsoft:libxml2:2.5.7
Xmlsoft Libxml2 2.5.8 cpe:/a:xmlsoft:libxml2:2.5.8
Xmlsoft Libxml2 2.5.10 cpe:/a:xmlsoft:libxml2:2.5.10
Xmlsoft Libxml2 2.5.11 cpe:/a:xmlsoft:libxml2:2.5.11
Xmlsoft Libxml2 2.6.0 cpe:/a:xmlsoft:libxml2:2.6.0
Xmlsoft Libxml2 2.6.1 cpe:/a:xmlsoft:libxml2:2.6.1
Xmlsoft Libxml2 2.6.2 cpe:/a:xmlsoft:libxml2:2.6.2
Xmlsoft Libxml2 2.6.3 cpe:/a:xmlsoft:libxml2:2.6.3
Xmlsoft Libxml2 2.6.4 cpe:/a:xmlsoft:libxml2:2.6.4
Xmlsoft Libxml2 2.6.5 cpe:/a:xmlsoft:libxml2:2.6.5
Xmlsoft Libxml2 2.6.6 cpe:/a:xmlsoft:libxml2:2.6.6
Xmlsoft Libxml2 2.6.7 cpe:/a:xmlsoft:libxml2:2.6.7
Xmlsoft Libxml2 2.6.8 cpe:/a:xmlsoft:libxml2:2.6.8
Xmlsoft Libxml2 2.6.9 cpe:/a:xmlsoft:libxml2:2.6.9
Xmlsoft Libxml2 2.6.11 cpe:/a:xmlsoft:libxml2:2.6.11
Xmlsoft Libxml2 2.6.12 cpe:/a:xmlsoft:libxml2:2.6.12
Xmlsoft Libxml2 2.6.13 cpe:/a:xmlsoft:libxml2:2.6.13
Xmlsoft Libxml2 2.6.14 cpe:/a:xmlsoft:libxml2:2.6.14
Xmlsoft Libxml2 2.6.16 cpe:/a:xmlsoft:libxml2:2.6.16
Xmlsoft Libxml2 2.6.17 cpe:/a:xmlsoft:libxml2:2.6.17
Xmlsoft Libxml2 2.6.18 cpe:/a:xmlsoft:libxml2:2.6.18
Xmlsoft Libxml2 2.6.20 cpe:/a:xmlsoft:libxml2:2.6.20
Xmlsoft Libxml2 2.6.21 cpe:/a:xmlsoft:libxml2:2.6.21
Xmlsoft Libxml2 2.6.22 cpe:/a:xmlsoft:libxml2:2.6.22
Xmlsoft Libxml2 2.6.23 cpe:/a:xmlsoft:libxml2:2.6.23
Xmlsoft Libxml2 2.6.24 cpe:/a:xmlsoft:libxml2:2.6.24
Xmlsoft Libxml2 2.6.25 cpe:/a:xmlsoft:libxml2:2.6.25
Xmlsoft Libxml2 2.6.26 cpe:/a:xmlsoft:libxml2:2.6.26
Xmlsoft Libxml2 2.6.27 cpe:/a:xmlsoft:libxml2:2.6.27
Xmlsoft Libxml2 2.6.28 cpe:/a:xmlsoft:libxml2:2.6.28
Xmlsoft Libxml2 2.6.29 cpe:/a:xmlsoft:libxml2:2.6.29
Xmlsoft Libxml2 2.6.30 cpe:/a:xmlsoft:libxml2:2.6.30
Xmlsoft Libxml2 2.6.31 cpe:/a:xmlsoft:libxml2:2.6.31
Xmlsoft Libxml2 2.6.32 cpe:/a:xmlsoft:libxml2:2.6.32
Xmlsoft Libxml2 2.7.0 cpe:/a:xmlsoft:libxml2:2.7.0
Xmlsoft Libxml2 2.7.1 cpe:/a:xmlsoft:libxml2:2.7.1
Xmlsoft Libxml2 2.7.2 cpe:/a:xmlsoft:libxml2:2.7.2
Xmlsoft Libxml2 2.7.3 cpe:/a:xmlsoft:libxml2:2.7.3
Xmlsoft Libxml2 2.7.4 cpe:/a:xmlsoft:libxml2:2.7.4
Xmlsoft Libxml2 2.7.5 cpe:/a:xmlsoft:libxml2:2.7.5
Xmlsoft Libxml2 2.7.6 cpe:/a:xmlsoft:libxml2:2.7.6
Xmlsoft Libxml2 2.7.7 cpe:/a:xmlsoft:libxml2:2.7.7
Xmlsoft Libxml2 2.7.8 cpe:/a:xmlsoft:libxml2:2.7.8
Xmlsoft Libxml2 2.8.0 cpe:/a:xmlsoft:libxml2:2.8.0
Xmlsoft Libxml2 2.9.0 cpe:/a:xmlsoft:libxml2:2.9.0
Xmlsoft Libxml2 2.9.0 cpe:/a:xmlsoft:libxml2:2.9.0:rc1
Xmlsoft Libxml2 2.9.1 cpe:/a:xmlsoft:libxml2:2.9.1
Xmlsoft Libxml2 2.9.2 cpe:/a:xmlsoft:libxml2:2.9.2
Xmlsoft Libxml2 2.9.3 cpe:/a:xmlsoft:libxml2:2.9.3
Redhat Enterprise Linux Desktop 6.0 cpe:/o:redhat:enterprise_linux_desktop:6.0
Redhat Enterprise Linux Desktop 7.0 cpe:/o:redhat:enterprise_linux_desktop:7.0
Redhat Enterprise Linux Server 6.0 cpe:/o:redhat:enterprise_linux_server:6.0
Redhat Enterprise Linux Server 7.0 cpe:/o:redhat:enterprise_linux_server:7.0
Redhat Enterprise Linux Server Aus 7.2 cpe:/o:redhat:enterprise_linux_server_aus:7.2
Redhat Enterprise Linux Server Aus 7.3 cpe:/o:redhat:enterprise_linux_server_aus:7.3
Redhat Enterprise Linux Server Aus 7.4 cpe:/o:redhat:enterprise_linux_server_aus:7.4
Redhat Enterprise Linux Server Aus 7.6 cpe:/o:redhat:enterprise_linux_server_aus:7.6
Redhat Enterprise Linux Server Eus 7.2 cpe:/o:redhat:enterprise_linux_server_eus:7.2
Redhat Enterprise Linux Server Eus 7.3 cpe:/o:redhat:enterprise_linux_server_eus:7.3
Redhat Enterprise Linux Server Eus 7.4 cpe:/o:redhat:enterprise_linux_server_eus:7.4
Redhat Enterprise Linux Server Eus 7.5 cpe:/o:redhat:enterprise_linux_server_eus:7.5
Redhat Enterprise Linux Server Eus 7.6 cpe:/o:redhat:enterprise_linux_server_eus:7.6
Redhat Enterprise Linux Server Tus 7.2 cpe:/o:redhat:enterprise_linux_server_tus:7.2
Redhat Enterprise Linux Server Tus 7.3 cpe:/o:redhat:enterprise_linux_server_tus:7.3
Redhat Enterprise Linux Server Tus 7.6 cpe:/o:redhat:enterprise_linux_server_tus:7.6
Redhat Enterprise Linux Workstation 6.0 cpe:/o:redhat:enterprise_linux_workstation:6.0
Redhat Enterprise Linux Workstation 7.0 cpe:/o:redhat:enterprise_linux_workstation:7.0
Debian Debian Linux 8.0 cpe:/o:debian:debian_linux:8.0
Canonical Ubuntu Linux 15.10 cpe:/o:canonical:ubuntu_linux:15.10
Canonical Ubuntu Linux 12.04 cpe:/o:canonical:ubuntu_linux:12.04::~~lts~~~
Canonical Ubuntu Linux 16.04 cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~
Canonical Ubuntu Linux 14.04 cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~

CWE

CWE-416 (Use After Free): Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

References

Source Link
APPLE http://lists.apple.com/archives/security-announce/2016/May/msg00001.html
APPLE http://lists.apple.com/archives/security-announce/2016/May/msg00002.html
APPLE http://lists.apple.com/archives/security-announce/2016/May/msg00003.html
APPLE http://lists.apple.com/archives/security-announce/2016/May/msg00004.html
SECTRACK http://www.securitytracker.com/id/1035890
CONFIRM https://bugzilla.gnome.org/show_bug.cgi?id=759398
APPLE http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
APPLE http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
CONFIRM http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
CONFIRM http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
CONFIRM http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
APPLE http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
APPLE http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
UBUNTU http://www.ubuntu.com/usn/USN-2994-1
CONFIRM http://xmlsoft.org/news.html
REDHAT https://access.redhat.com/errata/RHSA-2016:1292
APPLE http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
CONFIRM https://support.apple.com/HT206564
CONFIRM https://support.apple.com/HT206566
CONFIRM https://support.apple.com/HT206567
CONFIRM https://support.apple.com/HT206568
CONFIRM https://www.tenable.com/security/tns-2016-18
CONFIRM https://support.apple.com/HT206902
CONFIRM https://support.apple.com/HT206904
DEBIAN https://www.debian.org/security/2016/dsa-3593
CONFIRM https://support.apple.com/HT206903
CONFIRM https://support.apple.com/HT206905
CONFIRM https://support.apple.com/HT206901
CONFIRM https://support.apple.com/HT206899
GENTOO https://security.gentoo.org/glsa/201701-37
BID http://www.securityfocus.com/bid/90691
REDHAT http://rhn.redhat.com/errata/RHSA-2016-2957.html
CONFIRM https://git.gnome.org/browse/libxml2/commit/?id=45752d2c334b50016666d8f0ec3691e2d680f0a0
CONFIRM https://kc.mcafee.com/corporate/index?page=content&id=SB10170

History of changes

Date Event
2019-03-25 17:25
2019-03-08 16:06
2018-01-05 02:30
2017-11-30 02:29
2017-07-01 05:32
2016-05-20 10:59 New CVE