RSS   Podatności dla 'TIDY'   RSS

2017-12-10
 
CVE-2017-17497

CWE-119
 

 
In Tidy 5.7.0, the prvTidyTidyMetaCharset function in clean.c allows attackers to cause a denial of service (Segmentation Fault), because the currentNode variable in the "children of the head" processing feature is modified in the loop without validating the new value.

 


Copyright 2024, cxsecurity.com

 

Back to Top