MDVSA-2013:017 -- Mandriva libxml2ID: oval:org.secpod.oval:def:1300163 | Date: (C)2013-03-22 (M)2023-12-07 |
Class: PATCH | Family: unix |
A vulnerability has been found and corrected in libxml2: A denial of service flaw was found in the way libxml2 performed string substitutions when entity values for entity references replacement was enabled. A remote attacker could provide a specially-crafted XML file that, when processed by an application linked against libxml2, would lead to excessive CPU consumption . The updated packages have been upgraded to the 2.7.6 version and patched to correct this issue.
Platform: |
Mandriva Enterprise Server 5.2 |