CVE-2006-10003 - Vulnerability Analysis
CriticalCVSS: 9.8Last Updated: March 19, 2026
XML::Parser Perl - Buffer Overflow
Overview
XML::Parser for Perl <= 2.47 contains an off-by-one heap buffer overflow caused by improper stack pointer handling in st_serial_stack, letting attackers cause memory corruption when parsing deeply nested XML files, exploit requires crafted XML input.
Severity & Score
Impact
Attackers can cause memory corruption leading to potential denial of service or code execution.
Mitigation
Update to a version later than 2.47 or the latest available version.
References
Social Media Activity(1 post)
Debian Libxml-Parser-Perl Heap Overflow Issue DSA-6182-1 CVE-2006-10003 Joris van Rantwijk discovered that libxml-parser-perl, a Perl module for parsing XML files, is prone to a heap-based buffer o... https://mastodon.social/tags/Debian https://mastodon.social/tags/Linux https://mastodon.social/tags/Distribution https://mastodon.social/tags/- https://mastodon.social/tags/Security https://mastodon.social/tags/Advisories https://linuxsecurity.com/advisories/debian/debian-dsa-6182-1-libxml-parser-perl | https://awakari.com/sub-details.html?id=linux | https://awakari.com/pub-msg.html?id=KU33lc5OcaCGnyqxkpvXw4FAcwy&interestId=linux
View original postRelated Resources
Details
- CVE ID
- CVE-2006-10003
- Severity
- Critical
- CVSS Score
- 9.8
- Type
- buffer_overflow
- Status
- confirmed
- EPSS
- 6.9%
- Social Posts
- 1
CWE
- CWE-122
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H