SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2008-4225

Date: (C)2008-11-25 (M)2024-02-22

Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.8
Exploit Score: 10.0
Impact Score: 6.9

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE

Reference:

SECTRACK-1021239

SUNALERT-251406

SUNALERT-261688

SUNALERT-265329

APPLE-SA-2009-06-08-1

APPLE-SA-2009-06-17-1

FEDORA-2008-9729

FEDORA-2008-9773

SSA:2008-324-01

http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-03-1

http://sunsolve.sun.com/search/document.do?assetkey=1-21-141243-01-1

http://support.apple.com/kb/HT3613

http://support.apple.com/kb/HT3639

http://support.avaya.com/elmodocs2/security/ASA-2009-002.htm

http://support.avaya.com/elmodocs2/security/ASA-2009-067.htm

http://wiki.rpath.com/Advisories:rPSA-2008-0325

http://www.vmware.com/security/advisories/VMSA-2009-0001.html

https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc10

https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc9

https://bugzilla.redhat.com/show_bug.cgi?id=470480

oval:org.mitre.oval:def:10025

oval:org.mitre.oval:def:6234

oval:org.mitre.oval:def:6415

oval:org.secpod.oval:def:17247
oval:org.mitre.oval:def:7803
oval:org.secpod.oval:def:301626
oval:org.secpod.oval:def:101485
...

© SecPod Technologies