dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the <!DOCTYPE html substring in a crafted HTML document.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libxml2 | Xmlsoft | * | 2.9.4 (excluding) |