VYPR
Critical severity9.8NVD Advisory· Published Mar 19, 2026· Updated Apr 4, 2026

CVE-2006-10003

CVE-2006-10003

Description

XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack.

In the case (stackptr == stacksize - 1), the stack will NOT be expanded. Then the new value will be written at location (++stackptr), which equals stacksize and therefore falls just outside the allocated buffer.

The bug can be observed when parsing an XML file with very deep element nesting

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

21

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.