USN-815-1 -- libxml2 vulnerabilitiesID: oval:org.secpod.oval:def:700434 | Date: (C)2011-05-13 (M)2024-02-08 |
Class: PATCH | Family: unix |
It was discovered that libxml2 did not correctly handle root XML document element DTD definitions. If a user were tricked into processing a specially crafted XML document, a remote attacker could cause the application linked against libxml2 to crash, leading to a denial of service. It was discovered that libxml2 did not correctly parse Notation and Enumeration attribute types. If a user were tricked into processing a specially crafted XML document, a remote attacker could cause the application linked against libxml2 to crash, leading to a denial of service. USN-644-1 fixed a vulnerability in libxml2. This advisory provides the corresponding update for Ubuntu 9.04. Original advisory details: It was discovered that libxml2 did not correctly handle long entity names. If a user were tricked into processing a specially crafted XML document, a remote attacker could execute arbitrary code with user privileges or cause the application linked against libxml2 to crash, leading to a denial of service
Platform: |
Ubuntu 8.04 |
Ubuntu 9.04 |
Ubuntu 6.06 |
Ubuntu 8.10 |