CVE-2011-1944: Integer Overflow

September 2, 2011 (updated June 17, 2016)

Integer overflow in xpath.c in libxml2, and libxml, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.

References

nvd.nist.gov/vuln/detail/CVE-2011-1944

Code Behaviors & Features

Detect and mitigate CVE-2011-1944 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →