CVE-2023-34194 Information

Dec 14, 2023 cve

Description

StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion (and application exit) via a crafted XML document with a ‘\0’ located after whitespace.

Reference

https://sourceforge.net/p/tinyxml/git/ci/master/tree/tinyxmlparser.cpp https://www.forescout.com/resources/sierra21-vulnerabilities

Share on: