Buffer overflow in Toddr Xml::parser

CVE-2006-10003

XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack. In the case (stackptr == stacksize - 1), the stack will NOT be expanded. Then the new value will be written at location (++stackptr), wh…

EPSS: 0.000 (8.8th percentile) — read the EPSS interpretation.

Affected products

Toddr Xml::parser — versions 0

Weakness classification (CWE)

References

rt.cpan.org/Ticket/Display.html (issue-tracking)
github.com/cpan-authors/XML-Parser/issues/39 (issue-tracking)
github.com/cpan-authors/XML-Parser/commit/3eb9cc95420fa0c3f76947c4708962546bf27… (patch)