CVE-2015-5522

Published: 16 July 2015

Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.

Priority

Status

Package	Release	Status
tidy Launchpad, Ubuntu, Debian	precise	Released (20091223cvs-1ubuntu2.1)
	trusty	Released (20091223cvs-1.2ubuntu1.1)
	upstream	Released (20091223cvs-1.5)
	utopic	Ignored (end of life)
	vivid	Released (20091223cvs-1.4ubuntu0.1)
	Patches: upstream: https://github.com/htacg/tidy-html5/commit/c18f27a58792f7fbd0b30a0ff50d6b40a82f940d

References

http://www.openwall.com/lists/oss-security/2015/06/04/2
https://ubuntu.com/security/notices/USN-2695-1
https://www.cve.org/CVERecord?id=CVE-2015-5522
NVD
Launchpad
Debian

Bugs

https://github.com/htacg/tidy-html5/issues/217
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792571

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›