Security Advisory

CVE-2009-3627

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-10-29 14:00:00

Last updated 2024-08-07 06:38:28

Assigner redhat

State PUBLISHED

Description

The decode_entities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service (infinite loop) via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character.

← Browse all CVEs View on cve.org ↗