Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vmwareVMwareVMSA-2008-0017
HistoryOct 31, 2008 - 12:00 a.m.

Updated ESX packages for libxml2, ucd-snmp, libtiff

2008-10-3100:00:00
www.vmware.com
19

0.972 High

EPSS

Percentile

99.8%

JSON

a. Updated ESX Service Console package libxml2

A denial of service flaw was found in the way libxml2 processes
certain content. If an application that is linked against
libxml2 processes malformed XML content, the XML content might
cause the application to stop responding.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2008-3281 to this issue.
Additionally the following was also fixed, but was missing in the
security advisory.
A heap-based buffer overflow flaw was found in the way libxml2
handled long XML entity names. If an application linked against
libxml2 processed untrusted malformed XML content, it could cause
the application to crash or, possibly, execute arbitrary code.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2008-3529 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.

Related

vmware 1
nessus 55
openvas 70
freebsd 1
ubuntu 3
gentoo 2
debiancve 3
oraclelinux 4
packetstorm 2
redhat 4
ubuntucve 4
seebug 6
exploitpack 1
checkpoint_advisories 2
securityvulns 8
altlinux 6
fedora 4
veracode 3
debian 4
cve 3
prion 3
centos 6
osv 1
f5 2
cisco 1
vmware
vmware
Updated ESX packages for libxml2, ucd-snmp, libtiff
2008-10-31 00:00:00
nessus
nessus
VMSA-2008-0017 : Updated ESX packages for libxml2, ucd-snmp, libtiff
2009-07-27 00:00:00
openSUSE Security Update : libxml2 (libxml2-184)
2009-07-21 00:00:00
FreeBSD : libxml2 -- two vulnerabilities (d71da236-9a94-11dd-8f42-001c2514716c)
2008-10-15 00:00:00
openvas
openvas
SLES10: Security update for libxml2
2009-10-13 00:00:00
Mandriva Update for libxml2 MDVSA-2008:192 (libxml2)
2009-04-09 00:00:00
FreeBSD Ports: libxml2
2008-11-01 00:00:00
freebsd
freebsd
libxml2 -- two vulnerabilities
2008-08-22 00:00:00
ubuntu
ubuntu
libxml2 vulnerabilities
2008-09-11 00:00:00
libxml2 vulnerability
2008-09-03 00:00:00
tiff vulnerability
2008-09-02 00:00:00
gentoo
gentoo
libxml2: Multiple vulnerabilities
2008-12-02 00:00:00
libTIFF: User-assisted execution of arbitrary code
2008-09-08 00:00:00
debiancve
debiancve
CVE-2008-3281
2008-08-27 20:41:00
CVE-2008-2327
2008-08-27 20:41:00
CVE-2008-3529
2008-09-12 16:56:00
oraclelinux
oraclelinux
libxml2 security update
2008-09-11 00:00:00
libxml2 security update
2008-08-21 00:00:00
libtiff security and bug fix update
2008-08-28 00:00:00
packetstorm
packetstorm
Safari RSS feed:// Buffer Overflow
2009-05-27 00:00:00
Netragard Security Advisory 2009-06-22
2009-06-23 00:00:00
redhat
redhat
(RHSA-2008:0884) Important: libxml2 security update
2008-09-11 00:00:00
(RHSA-2008:0836) Moderate: libxml2 security update
2008-08-21 00:00:00
(RHSA-2008:0863) Important: libtiff security update
2008-08-28 00:00:00
ubuntucve
ubuntucve
CVE-2008-3529
2008-09-12 00:00:00
CVE-2008-3281
2008-08-27 00:00:00
CVE-2008-2327
2008-08-27 00:00:00
seebug
seebug
Safari RSS feed:// Buffer Overflow via libxml2 Exploit PoC
2009-05-27 00:00:00
libxml XML实体名堆缓冲区溢出漏洞
2008-09-14 00:00:00
libxml2递归实体远程拒绝服务漏洞
2008-08-26 00:00:00
exploitpack
exploitpack
Apple Safari - RSS feed: Buffer Overflow via libxml2 (PoC)
2009-05-26 00:00:00
checkpoint_advisories
checkpoint_advisories
Multiple Products libxml2 XML File Processing Entity Name Buffer Overflow (CVE-2008-3529)
2010-02-01 00:00:00
Multiple Vendor SNMPv3 HMAC Handling Authentication Bypass (CVE-2008-0960)
2008-06-22 00:00:00
securityvulns
securityvulns
[Full-disclosure] [NETRAGARD SECURITY ADVISORY] [< Safari 3.2.3 Arbitrary Code Execution + PoC ][NETRAGARD-20090622]
2009-06-22 00:00:00
[Full-disclosure] [NETRAGARD SECURITY ADVISORY] [< Safari 3.2.3 Arbitrary Code Execution + PoC ][NETRAGARD-20090622]
2009-06-22 00:00:00
[SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service
2008-08-25 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package libxml2 version 1:2.6.32-alt2
2008-08-21 00:00:00
Security fix for the ALT Linux 9 package libxml2 version 1:2.6.32-alt3
2008-09-01 00:00:00
Security fix for the ALT Linux 5 package libxml2 version 1:2.6.32-alt3
2008-09-01 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: libxml2-2.6.32-3.fc9
2008-09-10 07:04:24
[SECURITY] Fedora 9 Update: libtiff-3.8.2-11.fc9
2008-09-10 06:37:24
[SECURITY] Fedora 8 Update: libxml2-2.6.32-2.fc8
2008-09-10 06:44:31
veracode
veracode
Denial Of Service (DoS)
2021-11-09 03:48:07
Arbitrary Code Execution
2020-04-10 00:34:39
Authentication Bypass
2020-04-10 00:31:19
debian
debian
[SECURITY] [DSA 1654-1] New libxml2 packages fix execution of arbitrary code
2008-10-14 18:04:50
[SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service
2008-08-26 17:53:23
[SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service
2008-08-22 19:19:24
cve
cve
CVE-2008-3281
2008-08-27 20:41:00
CVE-2008-3529
2008-09-12 16:56:00
CVE-2008-2327
2008-08-27 20:41:00
prion
prion
Code injection
2008-08-27 20:41:00
Heap overflow
2008-09-12 16:56:00
Buffer overflow
2008-08-27 20:41:00
centos
centos
libxml2 security update
2008-08-25 01:21:18
libxml2 security update
2008-08-23 12:03:03
libtiff security update
2008-08-29 21:30:43
osv
osv
libxml2 - execution of arbitrary code
2008-10-14 00:00:00
f5
f5
K8939 : SNMPv3 HMAC verification vulnerability CVE-2008-0960 - VU#878044
2013-03-19 00:00:00
K9025 : FirePass SNMP DoS vulnerability
2013-03-18 00:00:00
cisco
cisco
SNMP Version 3 Authentication Vulnerabilities
2008-06-10 00:00:00

0.972 High

EPSS

Percentile

99.8%

JSON
Related for VMSA-2008-0017
vmware1nessus55openvas70freebsd1ubuntu3gentoo2debiancve3oraclelinux4packetstorm2redhat4ubuntucve4seebug6exploitpack1checkpoint_advisories2securityvulns8altlinux6fedora4veracode3debian4cve3prion3centos6osv1f52cisco1