libxml2: integer overflow leading to memory corruption in xmlSAX2Characters

Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service memory corruption or possibly execute arbitrary code via a large XML document...

libxml2 security update

2.6.26-2.1.2.7.0.1 - Add libxml2-enterprise.patch and update logos in tarball 2.6.26-2.1.2.7 - two patches for size overflows problems CVE-2008-4225 and CVE-2008-4226 - Resolves: rhbz470474...

DSA-1666-1 libxml2 - several vulnerabilities

Bulletin has no description...

Debian Security Advisory DSA 1654-1 (libxml2)

The remote host is missing an update to libxml2 announced via advisory DSA 1654-1. OpenVAS Vulnerability Test $Id: deb16541.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1654-1 libxml2 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: libxml2

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: libxml2

The remote host is missing an update to the system as announced in the referenced advisory. VID d71da236-9a94-11dd-8f42-001c2514716c OpenVAS Vulnerability Test $ Description: Auto generated from VID d71da236-9a94-11dd-8f42-001c2514716c Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian: Security Advisory (DSA-1654-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated ESX packages for libxml2, ucd-snmp, libtiff

a. Updated ESX Service Console package libxml2A denial of service flaw was found in the way libxml2 processescertain content. If an application that is linked againstlibxml2 processes malformed XML content, the XML content mightcause the application to stop responding.The Common Vulnerabilities a...

VMSA-2008-0017:Updated ESX packages for libxml2, ucd-snmp, libtiff

VMSA-2008-0017.2 Updated ESX packages for libxml2, ucd-snmp, libtiff VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2008-0017.2 VMware Security Advisory Synopsis: Updated ESX packages for libxml2, ucd-snmp, libtiff VMware Security Advisory Issue date: 2008-10-31 VMware Securi...

[ MDVSA-2008:212 ] libxml2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2008:212 http://www.mandriva.com/security/ Package : libxml2 Date : October 15, 2008 Affected: 2009.0 Problem Description: libxml2 version 2.7.0 and 2.7.1 did not properly handle predefined entities definitions i...

Debian DSA-1654-1 : libxml2 - buffer overflow

It was discovered that libxml2, the GNOME XML library, didn't correctly handle long entity names. This could allow the execution of arbitrary code via a malicious XML file. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

FreeBSD : libxml2 -- two vulnerabilities (d71da236-9a94-11dd-8f42-001c2514716c)

Secunia reports : Two vulnerabilities have been reported in Libxml2, which can be exploited by malicious people to cause a DoS Denial of Service or potentially compromise an application using the library. 1 A recursion error exists when processing certain XML content. This can be exploited to e.g...

[SECURITY] [DSA 1654-1] New libxml2 packages fix execution of arbitrary code

------------------------------------------------------------------------ Debian Security Advisory DSA-1654-1 [email protected] http://www.debian.org/security/ Steve Kemp October 14, 2008 http://www.debian.org/security/faq -...

DSA-1654-1 libxml2 - execution of arbitrary code

Bulletin has no description...

Fedora 8 : libxml2-2.7.1-2.fc8 (2008-8582)

This is an urgent security fix for a bug newly introduced in libxml2-2.7.x leading to CPU and memory exhaustion. See upstream bug report for further details: https://bugzilla.gnome.org/showbug.cgi?id=554660 Note that Tenable Network Security has extracted the preceding description block directly...

Fedora 9 : libxml2-2.7.1-2.fc9 (2008-8575)

This is an urgent security fix for a bug newly introduced in libxml2-2.7.x leading to CPU and memory exhaustion. See upstream bug report for further details: https://bugzilla.gnome.org/showbug.cgi?id=554660 Note that Tenable Network Security has extracted the preceding description block directly...

[SECURITY] Fedora 8 Update: libxml2-2.7.1-2.fc8

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

[SECURITY] Fedora 9 Update: libxml2-2.7.1-2.fc9

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

CVE-2008-4409

libxml2 2.7.0 and 2.7.1 does not properly handle "predefined entities definitions" in entities, which allows context-dependent attackers to cause a denial of service memory consumption and application crash, as demonstrated by use of xmllint on a certain XML document, a different vulnerability th...

CVE-2008-4409

libxml2 2.7.0 and 2.7.1 does not properly handle "predefined entities definitions" in entities, which allows context-dependent attackers to cause a denial of service memory consumption and application crash, as demonstrated by use of xmllint on a certain XML document, a different vulnerability th...