Lucene search
GoogleOSV:DSA-1666-1HistoryNov 17, 2008 - 12:00 a.m.
libxml2 - several vulnerabilities
2008-11-1700:00:00
Google
osv.dev
11
0.019 Low
EPSS
Percentile
88.4%
Several vulnerabilities have been discovered in the GNOME XML library.
The Common Vulnerabilities and Exposures project identifies the
following problems:
- CVE-2008-4225
Drew Yao discovered that missing input sanitising in the
xmlBufferResize() function may lead to an infinite loop,
resulting in denial of service. - CVE-2008-4226
Drew Yao discovered that an integer overflow in the
xmlSAX2Characters() function may lead to denial of service or
the execution of arbitrary code.
For the stable distribution (etch), these problems have been fixed in
version 2.6.27.dfsg-6.
For the upcoming stable distribution (lenny) and the unstable
distribution (sid), these problems have been fixed in
version 2.6.32.dfsg-5.
We recommend that you upgrade your libxml2 packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libxml2 | eq | 2.6.27.dfsg-2 | |
| libxml2 | eq | 2.6.27.dfsg-3 | |
| libxml2 | eq | 2.6.27.dfsg-1 | |
| libxml2 | eq | 2.6.27.dfsg-5 | |
| libxml2 | eq | 2.6.27.dfsg-4 |
References
Related
nessus
nessus
Fedora 10 : libxml2-2.7.2-2.fc10 (2008-10038)
2012-09-24 00:00:00
Fedora 9 : libxml2-2.7.2-2.fc9 (2008-9773)
2008-11-21 00:00:00
Debian DSA-1666-1 : libxml2 - several vulnerabilities
2008-11-18 00:00:00
openvas
openvas
CentOS Update for libxml2 CESA-2008:0988-01 centos2 i386
2009-02-27 00:00:00
CentOS Update for libxml2 CESA-2008:0988 centos3 i386
2009-02-27 00:00:00
Fedora Update for libxml2 FEDORA-2008-9773
2009-02-17 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: libxml2-2.7.2-2.fc10
2008-11-22 16:50:52
[SECURITY] Fedora 9 Update: libxml2-2.7.2-2.fc9
2008-11-19 14:55:44
[SECURITY] Fedora 8 Update: libxml2-2.7.2-2.fc8
2008-11-19 14:51:06
altlinux
altlinux
Security fix for the ALT Linux 5 package libxml2 version 1:2.7.2-alt2
2008-11-25 00:00:00
Security fix for the ALT Linux 9 package libxml2 version 1:2.7.2-alt2
2008-11-25 00:00:00
centos
centos
libxml2 security update
2008-11-17 23:54:51
libxml2 security update
2008-11-24 00:43:15
freebsd
freebsd
libxml2 -- multiple vulnerabilities
2008-11-18 00:00:00
ubuntu
ubuntu
libxml2 vulnerabilities
2008-11-19 00:00:00
oraclelinux
oraclelinux
libxml2 security update
2008-11-17 00:00:00
slackware
slackware
[slackware-security] libxml2
2008-11-20 03:51:12
redhat
redhat
(RHSA-2008:0988) Important: libxml2 security update
2008-11-17 00:00:00
debian
debian
[SECURITY] [DSA 1666-1] New libxml2 packages fix several vulnerabilities
2008-11-17 23:34:04
vmware
vmware
cve
cve
CVE-2008-4225
2008-11-25 23:30:00
CVE-2008-4226
2008-11-25 23:30:00
prion
prion
Integer overflow
2008-11-25 23:30:00
Integer overflow
2008-11-25 23:30:00
cvelist
cvelist
CVE-2008-4225
2008-11-25 23:00:00
CVE-2008-4226
2008-11-25 23:00:00
gentoo
gentoo
libxml2: Multiple vulnerabilities
2008-12-02 00:00:00
ubuntucve
ubuntucve
CVE-2008-4226
2008-11-25 00:00:00
CVE-2008-4225
2008-11-25 00:00:00
nvd
nvd
CVE-2008-4225
2008-11-25 23:30:00
CVE-2008-4226
2008-11-25 23:30:00
debiancve
debiancve
CVE-2008-4225
2008-11-25 23:30:00
CVE-2008-4226
2008-11-25 23:30:00
seebug
seebug
libxml2 xmlSAX2Characters()ε½ζ°ζ΄ζ°ζΊ’εΊζΌζ΄
2008-11-20 00:00:00
securityvulns
securityvulns
libxml library DoS
2008-08-25 00:00:00
HP System Management Homepage multiple security vulnerabilities
2010-05-20 00:00:00