Heap-based Buffer Over-read in TinyXML2 6.2.0's XMLDocument::Parse Function

Heap-based Buffer Over-read in TinyXML2 6.2.0's XMLDocument::Parse Function

CVE-2018-11210 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2

Learn more about our Web Application Penetration Testing UK.