Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2015-08-11T14:00:00

Updated: 2016-12-06T18:57:01

Reserved: 2015-07-14T00:00:00


Link: CVE-2015-5522

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2015-08-11T14:59:14.307

Modified: 2016-12-08T03:10:06.363


Link: CVE-2015-5522

JSON object: View

cve-icon Redhat Information

No data.

CWE