The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a “type confusion” issue.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995
Reference (s):
- APPLE:APPLE-SA-2016-01-19-1
- URL: http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html
- APPLE:APPLE-SA-2016-01-19-2
- URL: http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html
- APPLE:APPLE-SA-2016-01-25-1