DSA-2394-1 libxml2 -- severalID: oval:org.secpod.oval:def:600710 | Date: (C)2012-02-13 (M)2023-11-16 |
Class: PATCH | Family: unix |
Many security problems had been fixed in libxml2, a popular library to handle XML data files. CVE-2011-3919: Jüri Aedla discovered a heap-based buffer overflow that allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-0216: An Off-by-one error have been discoveried that allows remote attackers to execute arbitrary code or cause a denial of service. CVE-2011-2821: A memory corruption bug has been identified in libxml2"s XPath engine. Through it, it is possible to an attacker allows cause a denial of service or possibly have unspecified other impact. This vulnerability does not affect the oldstable distribution . CVE-2011-2834: Yang Dingning discovered a double free vulnerability related to XPath handling. CVE-2011-3905: An out-of-bounds read vulnerability had been discovered, which allows remote attackers to cause a denial of service.
Platform: |
Debian 5.0 |
Debian 6.0 |