A flaw was found in the isiin_keyword function in isiin.c in libbibutils.a in bibutils through 6.2. A read access violation allows remote attackers to cause a denial of service (application crash), as demonstrated by isi2xml.
Created bibutils tracking bugs for this issue:
Affects: epel-all [bug 1577261]
Affects: fedora-all [bug 1577259]
Created ghc-hs-bibutils tracking bugs for this issue:
Affects: epel-all [bug 1577262]
Affects: fedora-all [bug 1577260]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):