lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
1.16.33-3.2ubuntu31.33.06-0ubuntu10.6.3-3build10.1.0+git20150808-10.1.0+git20150808-20.23.3-2ubuntu24.8.1-1ubuntu34.8.1-1ubuntu44.8.2-3.1ubuntu14.9.0-3ubuntu24.9.0-4ubuntu14.9.0-4ubuntu1.10.13+ds1-50.8.3-10.10.7-11.33.14-0.2ubuntu31.33.14-1ubuntu10.23.3-2ubuntu3Exploitability
AV:NAC:LPR:NUI:RScope
S:UImpact
C:HI:HA:HCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H