Home CVE Database CVE-2016-1684

CVE-2016-1684

Description

numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via a crafted document.CWE-190: Integer Overflow or Wraparound

Priority: MEDIUM
CVSS v3: 7.5
Publish Date: Jun 5, 2016
Related ID: --
CVSS v2: High
Modified Date: Jun 7, 2016

Find out more about CVE-2016-1684 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

libxslt

Live chat
Online