4 matches found
CVE-2008-3529
No additional technical details about CVE-2008-3529 are present in the provided documents. Public details appear in the Initial Description, but no connected documents confirm affected products/versions/root cause/fixes. Monitor for updates.
CVE-2003-1564
CVE-2003-1564 involves the XML parser library (libxml2) and a failure to detect recursion during entity expansion. A crafted XML document with a large number of nested entity references can trigger a denial of service through excessive memory and CPU usage (the classic “billion laughs” scenario)....
CVE-2008-3281
libxml2 up to version 2.6.32 is affected by CVE-2008-3281 due to improper detection of recursion during entity expansion in an attribute value, enabling a denial-of-service via crafted XML (memory and CPU consumption). The Gentoo GLSA confirms this, and recommends upgrading to libxml2 >= 2.7.2...
CVE-2008-4409
CVE-2008-4409 affects libxml2 (versions 2.7.0 and 2.7.1). It arises from improper handling of predefined entities definitions in entities, enabling context-dependent attackers to cause a denial of service (memory consumption and application crash), as demonstrated by the use of xmllint on a speci...