Rc0R

**Name of the Vulnerable Software and Affected Versions** ezXML version 0.8.6 **Description** The issue is related to the `ezxml decode()` function in the ezXML library, which performs incorrect memory handling while parsing crafted XML files. This leads to a heap-based buffer overflow, allowing a remote attacker to cause a denial of service using a specially crafted XML file. The `ezxml decode()` function is vulnerable to buffer overflow attacks due to its incorrect handling of XML files. **Recommendations** For ezXML version 0.8.6, consider disabling the `ezxml decode()` function until a patch is available to prevent potential exploitation. Restrict access to the `ezxml decode()` function to minimize the risk of denial of service attacks. Avoid using the `ezxml decode()` function with untrusted XML files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ezXML version 0.8.6 **Description** The issue is related to incorrect memory handling by the `ezxml parse str()` function when parsing crafted XML files, which can lead to writing outside a memory region created by mmap. Additionally, the vulnerability is associated with blind XPath injection, allowing a remote attacker to cause a denial of service using a specially crafted XML file. **Recommendations** For ezXML version 0.8.6, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider disabling the `ezxml parse str()` function until a patch is available. Restrict access to the `libezxml.a` library to minimize the risk of exploitation. Avoid using the `ezxml parse str()` function with untrusted XML files until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** ezXML version 0.8.6 **Description** The issue is related to the `ezxml parse str()` function in the ezXML library, which performs incorrect memory handling while parsing crafted XML files, leading to an out-of-bounds read after a certain `strcspn` failure. This can be exploited by a remote attacker to cause a denial of service using a specially crafted XML file. **Recommendations** For ezXML version 0.8.6, consider disabling the `ezxml parse str()` function as a temporary workaround until a patch is available. Restrict the use of crafted XML files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ezXML version 0.8.6 **Description** The issue is related to the `ezxml internal dtd()` function in the ezXML library, which performs incorrect memory handling while parsing crafted XML files. This leads to an out-of-bounds write of a one byte constant, allowing a remote attacker to cause a denial of service using a specially crafted XML file. **Recommendations** For ezXML version 0.8.6, consider disabling the `ezxml internal dtd()` function as a temporary workaround until a patch is available. Restrict the use of crafted XML files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ezXML version 0.8.6 **Description** An issue in the ezXML library for parsing XML documents is related to pointer dereference errors. The function `ezxml internal dtd()` performs incorrect memory handling while parsing a crafted XML file, leading to a NULL pointer dereference. This can be exploited by a remote attacker to cause a denial of service using a specially crafted XML file. **Recommendations** For ezXML version 0.8.6, as a temporary workaround, consider disabling the `ezxml internal dtd()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 7.0.15 PHP versions 7.1.x prior to 7.1.1 **Description** The issue is caused by an integer overflow in the Zend/zend hash.c component of the PHP interpreter, which mishandles certain cases that require large array allocations. This allows remote attackers to execute arbitrary code or cause a denial of service via crafted serialized data, resulting in uninitialized memory access and use of arbitrary destructor function pointers. **Recommendations** For PHP versions prior to 7.0.15, update to version 7.0.15 or later. For PHP versions 7.1.x prior to 7.1.1, update to version 7.1.1 or later.