[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-6284Date: (C)2008-01-11   (M)2023-12-22


The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECTRACK-1019181
SUNALERT-103201
http://www.securityfocus.com/archive/1/486410/100/0/threaded
http://www.securityfocus.com/archive/1/490306/100/0/threaded
SUNALERT-201514
BID-27248
SECUNIA-28439
SECUNIA-28444
SECUNIA-28450
SECUNIA-28452
SECUNIA-28458
SECUNIA-28466
SECUNIA-28470
SECUNIA-28475
SECUNIA-28636
SECUNIA-28716
SECUNIA-28740
SECUNIA-29591
SECUNIA-31074
ADV-2008-0117
ADV-2008-0144
ADV-2008-1033
ADV-2008-2094
APPLE-SA-2008-07-11
DSA-1461
FEDORA-2008-0462
FEDORA-2008-0477
GLSA-200801-20
MDVSA-2008:010
RHSA-2008:0032
SUSE-SR:2008:002
USN-569-1
http://lists.vmware.com/pipermail/security-announce/2008/000009.html
http://mail.gnome.org/archives/xml/2008-January/msg00036.html
http://bugs.gentoo.org/show_bug.cgi?id=202628
http://support.avaya.com/elmodocs2/security/ASA-2008-047.htm
http://support.avaya.com/elmodocs2/security/ASA-2008-050.htm
http://www.xmlsoft.org/news.html
https://bugzilla.redhat.com/show_bug.cgi?id=425927
https://issues.rpath.com/browse/RPL-2121
oval:org.mitre.oval:def:11594
oval:org.mitre.oval:def:5216

CWE    1
CWE-399
OVAL    2
oval:org.secpod.oval:def:301458
oval:org.mitre.oval:def:8180

© SecPod Technologies