[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-4225

Date: (C)2008-11-25   (M)2017-11-18 


Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.

CVSS Score: 7.8Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 6.9Authentication: NONE
 Confidentiality: NONE
 Integrity: NONE
 Availability: COMPLETE





Reference:
SECTRACK-1021239
SUNALERT-251406
SUNALERT-261688
SUNALERT-265329
BID-32331
SECUNIA-32762
SECUNIA-32764
SECUNIA-32766
SECUNIA-32773
SECUNIA-32802
SECUNIA-32807
SECUNIA-32811
SECUNIA-32974
SECUNIA-33417
SECUNIA-33746
SECUNIA-33792
SECUNIA-34247
SECUNIA-35379
SECUNIA-36173
SECUNIA-36235
OSVDB-49992
ADV-2008-3176
ADV-2009-0034
ADV-2009-0301
ADV-2009-0323
ADV-2009-1522
ADV-2009-1621
APPLE-SA-2009-06-08-1
APPLE-SA-2009-06-17-1
DSA-1666
FEDORA-2008-9729
FEDORA-2008-9773
GLSA-200812-06
IAVM:2009-B-0006
MDVSA-2008:231
RHSA-2008:0988
SSA:2008-324-01
USN-673-1
http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-03-1
http://sunsolve.sun.com/search/document.do?assetkey=1-21-141243-01-1
http://support.apple.com/kb/HT3613
http://support.apple.com/kb/HT3639
http://support.avaya.com/elmodocs2/security/ASA-2009-002.htm
http://support.avaya.com/elmodocs2/security/ASA-2009-067.htm
http://wiki.rpath.com/Advisories:rPSA-2008-0325
http://www.vmware.com/security/advisories/VMSA-2009-0001.html
https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc10
https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc9
https://bugzilla.redhat.com/show_bug.cgi?id=470480

CWE    1
CWE-189
OVAL    5
oval:org.secpod.oval:def:17247
oval:org.secpod.oval:def:101485
oval:org.secpod.oval:def:301626
oval:org.secpod.oval:def:17282
...

© 2013 SecPod Technologies