CVE-2008-3529
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
CVE
CVE-2008-3529
Status
Candidate
Description
Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.
Phase
Assigned (07.08.2008)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3529
References
APPLE :
APPLE-SA-2009-05-12
APPLE :
APPLE-SA-2009-06-08-1
APPLE :
APPLE-SA-2009-06-17-1
BID :
31126
CERT :
TA09-133A
CONFIRM :
http://sunsolve.sun.com/search/document.do?assetke...
CONFIRM :
http://sunsolve.sun.com/search/document.do?assetke...
CONFIRM :
http://support.apple.com/kb/HT3549
CONFIRM :
http://support.apple.com/kb/HT3550
CONFIRM :
http://support.apple.com/kb/HT3613
CONFIRM :
http://support.apple.com/kb/HT3639
CONFIRM :
http://support.avaya.com/elmodocs2/security/ASA-20...
CONFIRM :
http://support.avaya.com/elmodocs2/security/ASA-20...
CONFIRM :
http://wiki.rpath.com/Advisories:rPSA-2008-0325
CONFIRM :
https://bugzilla.redhat.com/show_bug.cgi?id=461015
DEBIAN :
DSA-1654
GENTOO :
GLSA-200812-06
MANDRIVA :
MDVSA-2008:192
MILW0RM :
8798
MISC :
http://xmlsoft.org/news.html
OVAL :
oval:org.mitre.oval:def:11760
OVAL :
oval:org.mitre.oval:def:6103
REDHAT :
RHSA-2008:0884
REDHAT :
RHSA-2008:0886
SECTRACK :
1020855
SECUNIA :
31558
SECUNIA :
31855
SECUNIA :
31860
SECUNIA :
31868
SECUNIA :
31982
SECUNIA :
32265
SECUNIA :
32280
SECUNIA :
32807
SECUNIA :
32974
SECUNIA :
33715
SECUNIA :
33722
SECUNIA :
35056
SECUNIA :
35074
SECUNIA :
35379
SECUNIA :
36173
SECUNIA :
36235
SUNALERT :
247346
SUNALERT :
261688
SUNALERT :
265329
SUSE :
SUSE-SR:2008:018
UBUNTU :
USN-644-1
UBUNTU :
USN-815-1
VUPEN :
ADV-2008-2822
VUPEN :
ADV-2009-1297
VUPEN :
ADV-2009-1298
VUPEN :
ADV-2009-1522
VUPEN :
ADV-2009-1621
XF :
libxml2-entitynames-bo(45085)
SecurityVulns:
WebKit / Apple Safari multiple security vulnerabilities
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
