Security Advisory

CVE-2021-21828

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-20 21:03:23

Last updated 2024-08-03 18:23:29

Assigner talos

State PUBLISHED

Description

A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. In the default case of DecodeTreeBlock a label is created via CurPath::AddLabel in order to track the label for later reference. An attacker can provide a malicious file to trigger this vulnerability.

← Browse all CVEs View on cve.org ↗