[Forgot Password]
Login  Register Subscribe

23631

 
 

122183

 
 

98060

 
 

909

 
 

79198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

MDVSA-2008:231 -- Mandriva libxml2

ID: oval:org.secpod.oval:def:301626Date: (C)2012-01-07   (M)2017-10-04
Class: PATCHFamily: unix




Drew Yaro of the Apple Product Security Team found two flaws in libxml2. The first is a denial of service flaw in libxml2"s XML parser. If an application linked against libxml2 were to process certain malformed XML content, it cause the application to enter an infinite loop . The second is an integer overflow that caused a heap-based buffer overflow in libxml2"s XML parser. If an application linked against libxml2 were to process certain malformed XML content, it could cause the application to crash or possibly execute arbitrary code . The updated packages have been patched to correct these issues.

Platform:
Mandriva Linux 2009.0
Mandriva Linux 2008.1
Mandriva Linux 2008.0
Product:
libxml2
Reference:
MDVSA-2008:231
CVE-2008-4226
CVE-2008-4225
CVE    2
CVE-2008-4225
CVE-2008-4226
CPE    3
cpe:/o:mandriva:linux:2008.1
cpe:/o:mandriva:linux:2009.0
cpe:/o:mandriva:linux:2008.0

© 2013 SecPod Technologies