6.8 Medium
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.019 Low
EPSS
Percentile
88.3%
Drew Yao discovered that libxml2 did not correctly handle certain corrupt
XML documents. If a user or automated system were tricked into processing
a malicious XML document, a remote attacker could cause applications
linked against libxml2 to enter an infinite loop, leading to a denial
of service. (CVE-2008-4225)
Drew Yao discovered that libxml2 did not correctly handle large memory
allocations. If a user or automated system were tricked into processing a
very large XML document, a remote attacker could cause applications linked
against libxml2 to crash, leading to a denial of service. (CVE-2008-4226)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 8.10 | noarch | libxml2 | <Β 2.6.32.dfsg-4ubuntu1.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | libxml2 | <Β dbg-2.6.32.dfsg-4ubuntu1.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | libxml2 | <Β dev-2.6.32.dfsg-4ubuntu1.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | libxml2 | <Β udeb-2.6.32.dfsg-4ubuntu1.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | libxml2 | <Β utils-2.6.32.dfsg-4ubuntu1.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | python-libxml2 | <Β 2.6.32.dfsg-4ubuntu1.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | python-libxml2 | <Β dbg-2.6.32.dfsg-4ubuntu1.1 | UNKNOWN |
Ubuntu | 8.04 | noarch | libxml2 | <Β 2.6.31.dfsg-2ubuntu1.3 | UNKNOWN |
Ubuntu | 8.04 | noarch | libxml2-dbg | <Β 2.6.31.dfsg-2ubuntu1.3 | UNKNOWN |
Ubuntu | 8.04 | noarch | libxml2-dev | <Β 2.6.31.dfsg-2ubuntu1.3 | UNKNOWN |