CVE-2018-11210

Source
Severity High
Remote Yes
Type Arbitrary code execution
Description
TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so.
Group Package Affected Fixed Severity Status Ticket
AVG-700 tinyxml2 6.2.0-1 High Vulnerable
References
https://github.com/leethomason/tinyxml2/issues/675
Notes
FIXME: I reviewed the issue rather early. Please check to make sure the type/remote flags are proper once more information is out.