Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-673-1
HistoryNov 19, 2008 - 12:00 a.m.

libxml2 vulnerabilities

2008-11-1900:00:00
ubuntu.com
49

6.8 Medium

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.019 Low

EPSS

Percentile

88.3%

JSON

Releases

  • Ubuntu 8.10
  • Ubuntu 8.04
  • Ubuntu 7.10
  • Ubuntu 6.06

Packages

  • libxml2 -

Details

Drew Yao discovered that libxml2 did not correctly handle certain corrupt
XML documents. If a user or automated system were tricked into processing
a malicious XML document, a remote attacker could cause applications
linked against libxml2 to enter an infinite loop, leading to a denial
of service. (CVE-2008-4225)

Drew Yao discovered that libxml2 did not correctly handle large memory
allocations. If a user or automated system were tricked into processing a
very large XML document, a remote attacker could cause applications linked
against libxml2 to crash, leading to a denial of service. (CVE-2008-4226)

OSVersionArchitecturePackageVersionFilename
Ubuntu8.10noarchlibxml2<Β 2.6.32.dfsg-4ubuntu1.1UNKNOWN
Ubuntu8.10noarchlibxml2<Β dbg-2.6.32.dfsg-4ubuntu1.1UNKNOWN
Ubuntu8.10noarchlibxml2<Β dev-2.6.32.dfsg-4ubuntu1.1UNKNOWN
Ubuntu8.10noarchlibxml2<Β udeb-2.6.32.dfsg-4ubuntu1.1UNKNOWN
Ubuntu8.10noarchlibxml2<Β utils-2.6.32.dfsg-4ubuntu1.1UNKNOWN
Ubuntu8.10noarchpython-libxml2<Β 2.6.32.dfsg-4ubuntu1.1UNKNOWN
Ubuntu8.10noarchpython-libxml2<Β dbg-2.6.32.dfsg-4ubuntu1.1UNKNOWN
Ubuntu8.04noarchlibxml2<Β 2.6.31.dfsg-2ubuntu1.3UNKNOWN
Ubuntu8.04noarchlibxml2-dbg<Β 2.6.31.dfsg-2ubuntu1.3UNKNOWN
Ubuntu8.04noarchlibxml2-dev<Β 2.6.31.dfsg-2ubuntu1.3UNKNOWN
Rows per page:
1-10 of 261

Related

openvas 64
altlinux 2
centos 2
nessus 56
fedora 4
oraclelinux 1
redhat 1
debian 1
slackware 1
osv 1
freebsd 1
vmware 2
gentoo 1
ubuntucve 2
prion 2
debiancve 2
cve 2
seebug 1
securityvulns 3
openvas
openvas
FreeBSD Ports: libxml2
2008-11-24 00:00:00
Ubuntu Update for libxml2 vulnerabilities USN-673-1
2009-03-23 00:00:00
RedHat Update for libxml2 RHSA-2008:0988-01
2009-03-06 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package libxml2 version 1:2.7.2-alt2
2008-11-25 00:00:00
Security fix for the ALT Linux 5 package libxml2 version 1:2.7.2-alt2
2008-11-25 00:00:00
centos
centos
libxml2 security update
2008-11-17 23:54:51
libxml2 security update
2008-11-24 00:43:15
nessus
nessus
Fedora 10 : libxml2-2.7.2-2.fc10 (2008-10038)
2012-09-24 00:00:00
Fedora 8 : libxml2-2.7.2-2.fc8 (2008-9729)
2008-11-21 00:00:00
Debian DSA-1666-1 : libxml2 - several vulnerabilities
2008-11-18 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: libxml2-2.7.2-2.fc10
2008-11-22 16:50:52
[SECURITY] Fedora 9 Update: libxml2-2.7.2-2.fc9
2008-11-19 14:55:44
[SECURITY] Fedora 8 Update: libxml2-2.7.2-2.fc8
2008-11-19 14:51:06
oraclelinux
oraclelinux
libxml2 security update
2008-11-17 00:00:00
redhat
redhat
(RHSA-2008:0988) Important: libxml2 security update
2008-11-17 00:00:00
debian
debian
[SECURITY] [DSA 1666-1] New libxml2 packages fix several vulnerabilities
2008-11-17 23:34:24
slackware
slackware
[slackware-security] libxml2
2008-11-20 03:51:12
osv
osv
libxml2 - several vulnerabilities
2008-11-17 00:00:00
freebsd
freebsd
libxml2 -- multiple vulnerabilities
2008-11-18 00:00:00
vmware
vmware
ESX patches address an issue loading corrupt virtual disks and update Service Console packages
2009-01-30 00:00:00
ESX patches address an issue loading corrupt virtual disks and update Service Console packages
2009-01-30 00:00:00
gentoo
gentoo
libxml2: Multiple vulnerabilities
2008-12-02 00:00:00
ubuntucve
ubuntucve
CVE-2008-4225
2008-11-25 00:00:00
CVE-2008-4226
2008-11-25 00:00:00
prion
prion
Integer overflow
2008-11-25 23:30:00
Integer overflow
2008-11-25 23:30:00
debiancve
debiancve
CVE-2008-4226
2008-11-25 23:30:00
CVE-2008-4225
2008-11-25 23:30:00
cve
cve
CVE-2008-4225
2008-11-25 23:30:00
CVE-2008-4226
2008-11-25 23:30:00
seebug
seebug
libxml2 xmlSAX2Characters()ε‡½ζ•°ζ•΄ζ•°ζΊ’ε‡ΊζΌζ΄ž
2008-11-20 00:00:00
securityvulns
securityvulns
libxml library DoS
2008-08-25 00:00:00
[security bulletin] HPSBMA02492 SSRT100079 rev.1 - HP System Management Homepage &#40;SMH&#41; for Linux and Windows, Remote Cross Site Scripting &#40;XSS&#41;, Denial of Service &#40;DoS&#41;, Execution of Arbitrary Code, Unauthorized Access
2010-04-26 00:00:00
HP System Management Homepage multiple security vulnerabilities
2010-05-20 00:00:00

6.8 Medium

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.019 Low

EPSS

Percentile

88.3%

JSON
Related for USN-673-1
openvas64altlinux2centos2nessus56fedora4oraclelinux1redhat1debian1slackware1osv1freebsd1vmware2gentoo1ubuntucve2prion2debiancve2cve2seebug1securityvulns3