Lucene search
RootSSV:12038HistoryAug 12, 2009 - 12:00 a.m.
libxml2栈溢出和释放后使用拒绝漏洞
2009-08-1200:00:00
Root
www.seebug.org
27
0.002 Low
EPSS
Percentile
61.2%
BUGTRAQ ID: 36010
CVE(CAN) ID: CVE-2009-2414,CVE-2009-2416
libxml2软件包提供允许用户操控XML文件的函数库,包含有读、修改和写XML和HTML文件支持。
libxml库处理DTD中根XML文档元素定义的方式存在栈溢出漏洞,解析Notation和Enumeration属性类型的方式存在多个释放后使用漏洞。远程攻击者可以提供特制的XML文件,如果本地用户受骗打开了该文件,就会导致拒绝服务(应用程序崩溃)。
XMLSoft Libxml2 <= 2.6.26
厂商补丁:
RedHat
RedHat已经为此发布了一个安全公告(RHSA-2009:1206-01)以及相应补丁:
RHSA-2009:1206-01:Moderate: libxml and libxml2 security update
链接:https://www.redhat.com/support/errata/RHSA-2009-1206.html
Related
nessus
nessus
openSUSE Security Update : libxml2 (libxml2-1175)
2009-08-12 00:00:00
RHEL 3 / 4 / 5 : libxml and libxml2 (RHSA-2009:1206)
2009-08-11 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package libxml2 version 1:2.7.3-alt2
2009-08-17 00:00:00
Security fix for the ALT Linux 9 package libxml2 version 1:2.7.3-alt2
2009-08-17 00:00:00
openvas
openvas
CentOS Security Advisory CESA-2009:1206 (libxml2)
2009-08-17 00:00:00
Mandrake Security Advisory MDVSA-2009:200 (libxml)
2009-08-17 00:00:00
Fedora Core 11 FEDORA-2009-8498 (libxml2)
2009-08-17 00:00:00
securityvulns
securityvulns
libxml multiple security vulnerability
2009-08-11 00:00:00
[SECURITY] [DSA 1859-1] New libxml2 packages fix several issues
2009-08-11 00:00:00
osv
osv
libxml2 - several issues
2009-08-10 00:00:00
libxml - several issues
2009-08-13 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: mingw32-libxml2-2.7.3-2.fc11
2009-08-15 08:17:15
[SECURITY] Fedora 11 Update: libxml2-2.7.3-3.fc11
2009-08-11 22:40:10
[SECURITY] Fedora 11 Update: libxml-1.8.17-24.fc11
2009-08-15 08:18:18
f5
f5
K15864 : libxml vulnerabilities CVE-2009-2414 and CVE-2009-2416
2015-09-14 00:00:00
SOL15864 - libxml vulnerabilities CVE-2009-2414 and CVE-2009-2416
2014-11-25 00:00:00
gentoo
gentoo
libxml2: Denial of service
2010-09-21 00:00:00
debian
debian
[SECURITY] [DSA 1861-1] New libxml packages fix several issues
2009-08-13 20:40:37
[SECURITY] [DSA 1859-1] New libxml2 packages fix several issues
2009-08-10 18:55:11
redhat
redhat
(RHSA-2009:1206) Moderate: libxml and libxml2 security update
2009-08-10 00:00:00
oraclelinux
oraclelinux
libxml and libxml2 security update
2009-08-10 00:00:00
centos
centos
libxml, libxml2 security update
2009-08-10 21:37:50
chrome
chrome
Stable Update: Security fixes
2009-08-25 00:00:00
ubuntu
ubuntu
libxml2 vulnerabilities
2009-08-11 00:00:00
cve
cve
CVE-2009-2416
2009-08-11 18:30:00
CVE-2009-2414
2009-08-11 18:30:00
ubuntucve
ubuntucve
CVE-2009-2416
2009-08-11 00:00:00
CVE-2009-2414
2009-08-11 00:00:00
freebsd
freebsd
libxml -- Multiple use-after-free vulnerabilities
2009-08-03 00:00:00
libxml -- Stack consumption vulnerability
2009-08-03 00:00:00
prion
prion
Design/Logic Flaw
2009-08-11 18:30:00
Design/Logic Flaw
2009-08-11 18:30:00
debiancve
debiancve
CVE-2009-2416
2009-08-11 18:30:00
CVE-2009-2414
2009-08-11 18:30:00
seebug
seebug
Safari 4.0.4版本修复多个安全漏洞
2009-11-13 00:00:00
threatpost
threatpost
Apple Patches Critical Safari Vulnerabilities
2009-11-11 21:45:09
