CVE-2007-6284

The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service infinite loop via XML containing invalid UTF-8 sequences...

DEBIAN-CVE-2007-6284

The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service infinite loop via XML containing invalid UTF-8 sequences...

CVE-2007-6284

CVE-2007-6284 describes a denial-of-service vulnerability in libxml2 where the function xmlCurrentChar() mishandles certain UTF-8 sequences, allowing context-dependent attackers to cause an infinite loop or high CPU consumption when parsing XML. The issue is triggered by malformed XML content and...

CVE-2007-6284

The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service infinite loop via XML containing invalid UTF-8 sequences...

[SECURITY] Fedora 7 Update: libxml2-2.6.31-1.fc7

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

[SECURITY] Fedora 8 Update: libxml2-2.6.31-1.fc8

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

libxml2 security update

CentOS Errata and Security Advisory CESA-2008:0032 Updated libxml2 packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The libxml2 packages provide a library that allows you to manipulate XML...

Important: Red Hat Security Advisory: libxml2 security update

Updated libxml2 packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The libxml2 packages provide a library that allows you to manipulate XML files. It includes support to read, modify, and writ...

libxml2: infinite loop in UTF-8 decoding

The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service infinite loop via XML containing invalid UTF-8 sequences...

Important: libxml2 security update

2.5.10-8.0.1 - Add patch libxml2-enterprise.patch, and other logo changes in tarball 2.5.10-8 - Patch to fix UTF-8 decoding problem CVE-2007-6284 - Resolves: rhbz425930...

Ubuntu 4.10 : XML library vulnerabilities (USN-10-1)

Several buffer overflows have been discovered in libxml2's FTP connection and DNS resolution functions. Supplying very long FTP URLs or IP addresses might result in execution of arbitrary code with the privileges of the process using libxml2. Since libxml2 is used in packages like php4-imagick, t...

DEBIAN-CVE-2004-0989

Multiple buffer overflows in libXML 2.6.12 and 2.6.13 libxml2, and possibly other versions, may allow remote attackers to execute arbitrary code via 1 a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, 2 a long proxy URL containing FTP data that is not properly handled...

libxml2 various overflows

Multiple buffer overflows in libXML 2.6.12 and 2.6.13 libxml2, and possibly other versions, may allow remote attackers to execute arbitrary code via 1 a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, 2 a long proxy URL containing FTP data that is not properly handled...

libxml2 long URL causes SEGV

Buffer overflow in the 1 nanohttp or 2 nanoftp modules in XMLSoft Libxml 2 Libxml2 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL...

RHEL 2.1 / 3 : libxml2 (RHSA-2004:615)

An updated libxml2 package that fixes multiple buffer overflows is now available. libxml2 is a library for manipulating XML files. Multiple buffer overflow bugs have been found in libxml2 versions prior to 2.6.14. If an attacker can trick a user into passing a specially crafted FTP URL or FTP pro...

Moderate: Red Hat Security Advisory: libxml2 security update

An updated libxml2 package that fixes multiple buffer overflows is now available. libxml2 is a library for manipulating XML files. Multiple buffer overflow bugs have been found in libxml2 versions prior to 2.6.14. If an attacker can trick a user into passing a specially crafted FTP URL or FTP pro...

Debian DSA-582-1 : libxml - buffer overflow

'infamous41md' discovered several buffer overflows in libxml and libxml2, the XML C parser and toolkits for GNOME. Missing boundary checks could cause several buffers to be overflown, which may cause the client to execute arbitrary code. The following vulnerability matrix lists corrected versions...

GLSA-200411-05 : libxml2: Remotely exploitable buffer overflow

The remote host is affected by the vulnerability described in GLSA-200411-05 libxml2: Remotely exploitable buffer overflow Multiple buffer overflows have been detected in the nanoftp and nanohttp modules. These modules are responsible for parsing URLs with ftp information, and resolving names via...

[SECURITY] [DSA 582-1] New libxml packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 582-1 [email protected] http://www.debian.org/security/ Martin Schulze November 2nd, 2004 http://www.debian.org/security/faq -...

libxml2: Remotely exploitable buffer overflow

Background libxml2 is an XML parsing library written in C. Description Multiple buffer overflows have been detected in the nanoftp and nanohttp modules. These modules are responsible for parsing URLs with ftp information, and resolving names via DNS. Impact An attacker could exploit an applicatio...