CVE-2008-4409

libxml2 2.7.0 and 2.7.1 does not properly handle "predefined entities definitions" in entities, which allows context-dependent attackers to cause a denial of service memory consumption and application crash, as demonstrated by use of xmllint on a certain XML document, a different vulnerability th...

CVE-2008-4409

CVE-2008-4409 affects libxml2 (versions 2.7.0 and 2.7.1). It arises from improper handling of predefined entities definitions in entities, enabling context-dependent attackers to cause a denial of service (memory consumption and application crash), as demonstrated by the use of xmllint on a speci...

CVE-2008-4409

libxml2 2.7.0 and 2.7.1 does not properly handle "predefined entities definitions" in entities, which allows context-dependent attackers to cause a denial of service memory consumption and application crash, as demonstrated by use of xmllint on a certain XML document, a different vulnerability th...

libxml2 - Denial of Service

source: https://www.securityfocus.com/bid/31555/info The libxml2 library is prone to a denial-of-service vulnerability caused by an error when handling files using entities in entity definitions. An attacker can exploit this issue to cause the library to consume an excessive amount of memory,...

libxml2 - Denial of Service

libxml2 - Denial of Service source: https://www.securityfocus.com/bid/31555/info The libxml2 library is prone to a denial-of-service vulnerability caused by an error when handling files using entities in entity definitions. An attacker can exploit this issue to cause the library to consume an...

Gentoo Security Advisory GLSA 200801-20 (libxml2)

The remote host is missing updates announced in advisory GLSA 200801-20. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200411-05 (libxml2)

The remote host is missing updates announced in advisory GLSA 200411-05. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200801-20 (libxml2)

The remote host is missing updates announced in advisory GLSA 200801-20. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200403-01 (libxml)

The remote host is missing updates announced in advisory GLSA 200403-01. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

libxml XML实体名堆溢出漏洞

BUGTRAQ ID: 31126 CVECAN ID: CVE-2008-3529 libxml软件包提供允许用户操控XML文件的函数库，包含有读、修改和写XML和HTML文件支持。 libxml2库的parser.c文件中的xmlParseAttValueComplex函数中存在堆溢出漏洞，如果用户受骗打开的XML文件中包含有超长的实体名称的话，就可以触发这个溢出，导致拒绝服务或执行任意指令。 XMLSoft Libxml2 2.7.0 RedHat ------ RedHat已经为此发布了一个安全公告（RHSA-2008:0886-01）以及相应补丁:...

openSUSE 10 Security Update : libxml2 (libxml2-5586)

Specially crafted xml files could cause a crash or a heap based buffer overlow in libxml2 CVE-2008-3281, CVE-2008-3529. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libxml2-5586. The text...

SuSE 10 Security Update : libxml2 (ZYPP Patch Number 5583)

Specially crafted xml files could cause a crash or a heap based buffer overlow in libxml2. CVE-2008-3281 / CVE-2008-3529 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

CVE-2008-3529

Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via a long XML entity name...

DEBIAN-CVE-2008-3529

Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via a long XML entity name...

CVE-2008-3529

Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via a long XML entity name...

CVE-2008-3529

No additional technical details about CVE-2008-3529 are present in the provided documents. Public details appear in the Initial Description, but no connected documents confirm affected products/versions/root cause/fixes. Monitor for updates.

CVE-2008-3529

Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via a long XML entity name...

CVE-2008-3529

Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via a long XML entity name...

RHEL 3 / 4 / 5 : libxml2 (RHSA-2008:0884)

Updated libxml2 packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The libxml2 packages provide a library that allows you to manipulate XML files. It...

CentOS 3 / 4 / 5 : libxml2 (CESA-2008:0884)

Updated libxml2 packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The libxml2 packages provide a library that allows you to manipulate XML files. It...