CVE-2006-10003

NameCVE-2006-10003
DescriptionXML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack. In the case (stackptr == stacksize - 1), the stack will NOT be expanded. Then the new value will be written at location (++stackptr), which equals stacksize and therefore falls just outside the allocated buffer. The bug can be observed when parsing an XML file with very deep element nesting
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs378412

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libxml-parser-perl (PTS)bullseye2.46-2fixed
bookworm2.46-4fixed
forky, sid, trixie2.47-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libxml-parser-perlsource(unstable)2.34-4.1medium378412

Notes

https://lists.security.metacpan.org/cve-announce/msg/38106362/
https://rt.cpan.org/Ticket/Display.html?id=19860
https://github.com/cpan-authors/XML-Parser/issues/39
Fixed by: https://github.com/cpan-authors/XML-Parser/commit/08dd37c35ec5e64e26aacb8514437f54708f7fd1 (2.48)
Search for package or bug name: Reporting problems