Lucene search
FreeBSDF1E0164E-B67B-11DD-A55E-00163E000016HistoryNov 18, 2008 - 12:00 a.m.
libxml2 -- multiple vulnerabilities
2008-11-1800:00:00
vuxml.freebsd.org
17
0.019 Low
EPSS
Percentile
88.3%
Secunia reports:
Two vulnerabilities have been reported in Libxml2, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
to potentially compromise an application using the library.
- An integer overflow error in the βxmlSAX2Characters()β function
can be exploited to trigger a memory corruption via a specially
Successful exploitation may allow execution of arbitrary code, but
requires e.g. that the user is tricked into processing an overly
large XML file (2GB or more). - An integer overflow error in the βxmlBufferResize()β function
can be exploited to trigger the execution of an infinite loop.
The vulnerabilities are reported in version 2.7.2.
Other versions may also be affected.
Related
openvas
openvas
FreeBSD Ports: libxml2
2008-11-24 00:00:00
Ubuntu Update for libxml2 vulnerabilities USN-673-1
2009-03-23 00:00:00
RedHat Update for libxml2 RHSA-2008:0988-01
2009-03-06 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package libxml2 version 1:2.7.2-alt2
2008-11-25 00:00:00
Security fix for the ALT Linux 5 package libxml2 version 1:2.7.2-alt2
2008-11-25 00:00:00
centos
centos
libxml2 security update
2008-11-17 23:54:51
libxml2 security update
2008-11-24 00:43:15
nessus
nessus
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / current : libxml2 (SSA:2008-324-01)
2008-11-21 00:00:00
Oracle Linux 3 / 4 / 5 : libxml2 (ELSA-2008-0988)
2013-07-12 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: libxml2-2.7.2-2.fc10
2008-11-22 16:50:52
[SECURITY] Fedora 9 Update: libxml2-2.7.2-2.fc9
2008-11-19 14:55:44
[SECURITY] Fedora 8 Update: libxml2-2.7.2-2.fc8
2008-11-19 14:51:06
osv
osv
libxml2 - several vulnerabilities
2008-11-17 00:00:00
ubuntu
ubuntu
libxml2 vulnerabilities
2008-11-19 00:00:00
oraclelinux
oraclelinux
libxml2 security update
2008-11-17 00:00:00
redhat
redhat
(RHSA-2008:0988) Important: libxml2 security update
2008-11-17 00:00:00
debian
debian
[SECURITY] [DSA 1666-1] New libxml2 packages fix several vulnerabilities
2008-11-17 23:34:24
slackware
slackware
[slackware-security] libxml2
2008-11-20 03:51:12
vmware
vmware
gentoo
gentoo
libxml2: Multiple vulnerabilities
2008-12-02 00:00:00
prion
prion
Integer overflow
2008-11-25 23:30:00
Integer overflow
2008-11-25 23:30:00
cve
cve
CVE-2008-4225
2008-11-25 23:30:00
CVE-2008-4226
2008-11-25 23:30:00
debiancve
debiancve
CVE-2008-4226
2008-11-25 23:30:00
CVE-2008-4225
2008-11-25 23:30:00
ubuntucve
ubuntucve
CVE-2008-4226
2008-11-25 00:00:00
CVE-2008-4225
2008-11-25 00:00:00
seebug
seebug
libxml2 xmlSAX2Characters()ε½ζ°ζ΄ζ°ζΊ’εΊζΌζ΄
2008-11-20 00:00:00
securityvulns
securityvulns
libxml library DoS
2008-08-25 00:00:00
HP System Management Homepage multiple security vulnerabilities
2010-05-20 00:00:00