AVG-700 log
Package | tinyxml2 |
Status | Not affected |
Severity | High |
Type | arbitrary code execution |
Affected | 6.2.0-1 |
Fixed | Not affected |
Current | 10.0.0-1 [extra] |
Ticket | None |
Created | Wed May 16 16:56:55 2018 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2018-11210 | High | Yes | Arbitrary code execution | TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. |
Notes |
---|
This is not a security issue, the initial reporter made a mistake in the fuzzing code (passing a non-null terminated buffer without the size). |