Mandriva Linux Security Advisory : libxml (MDVSA-2009:200-1)

Multiple vulnerabilities has been found and corrected in libxml : Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service application crash via a large depth of element declarations i...

DSA-1861-1 libxml - several issues

Bulletin has no description...

CVE-2009-2414

Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service application crash via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the...

CVE-2009-2416

Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service application crash via crafted 1 Notation or 2 Enumeration attribute types in an XML file, as demonstrated by the...

Design/Logic Flaw

Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service application crash via crafted 1 Notation or 2 Enumeration attribute types in an XML file, as demonstrated by the...

Design/Logic Flaw

Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service application crash via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the...

DEBIAN-CVE-2009-2414

Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service application crash via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the...

CVE-2009-2416

Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service application crash via crafted 1 Notation or 2 Enumeration attribute types in an XML file, as demonstrated by the...

CVE-2009-2416

CVE-2009-2416 is a use-after-free in libxml2 (versions 2.5.10, 2.6.16, 2.6.26, 2.6.27, 2.6.32) and libxml 1.8.17 triggered by crafted Notation/Enumeration attribute types in a DTD; leads to denial of service (application crash). Related CVE-2009-2414 is a stack-growth DoS via deep DTD structures....

CVE-2009-2414

Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service application crash via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the...

CentOS 3 / 5 : libxml / libxml2 (CESA-2009:1206)

Updated libxml and libxml2 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. libxml is a library for parsing and manipulating XML files. A...

RHEL 3 / 4 / 5 : libxml and libxml2 (RHSA-2009:1206)

Updated libxml and libxml2 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. libxml is a library for parsing and manipulating XML files. A...

libxml multiple security vulnerability

Memory use-after-free, stack overflow exhaustion...

CVE-2009-2416

Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service application crash via crafted 1 Notation or 2 Enumeration attribute types in an XML file, as demonstrated by the...

Moderate: Red Hat Security Advisory: libxml and libxml2 security update

Updated libxml and libxml2 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. libxml is a library for parsing and manipulating XML files. A...

PT-2009-1016 · Xmlsoft +2 · Libxml +3

Name of the Vulnerable Software and Affected Versions: libxml2 versions 2.5.10 through 2.6.32 libxml version 1.8.17 Description: The issue allows context-dependent attackers to cause a denial of service, resulting in an application crash, via crafted Notation or Enumeration attribute types in an...

PT-2009-1015 · Xml +2 · Libxml2 +2

Name of the Vulnerable Software and Affected Versions: libxml2 versions 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32 libxml version 1.8.17 libxml2 versions prior to 2.7.3 Description: The issue is related to a stack consumption vulnerability in libxml2, allowing context-dependent attackers to cause...

libxml and libxml2 security update

libxml: 1:1.8.17-9.3 - fix a couple of crash - Resolves: rhbg515226 libxml2: 2.6.26-2.1.2.8.0.1 - Add libxml2-enterprise.patch and update logos in tarball 2.6.26-2.1.2.8 - Fix a couple of crash CVE-2009-2414 and CVE-2009-2416 - Resolves: rhbz515236...

libxml -- Stack consumption vulnerability

Stack consumption vulnerability allows context-dependent attackers to cause a denial of service application crash via a large depth of element declarations in a DTD...

libxml -- Multiple use-after-free vulnerabilities

Multiple use-after-free vulnerabilities in libxml 1.8.17 that allow context-dependent attackers to cause a denial of service application crash via crafted 1 Notation or 2 Enumeration attribute types in an XML file...