Computer Security

libxml library DoS
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



libxml library DoS
Published:25.08.2008
Source:BUGTRAQ
SecurityVulns ID:9241
Type:library
Level:5/10
Description:DoS through CPU and memory exhaustion.
Affected:LIBXML : libxml 2.6
CVE:CVE-2008-4225 (Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.)
 CVE-2008-3281 (libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service (25.08.2008)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru