CVE-2008-4225 - Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers

CVE-2008-4225

Summary

Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.

References

Vulnerable Configurations

cpe:2.3:a:xmlsoft:libxml:2.7.2:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml:2.7.2:*:*:*:*:*:*:*

CVSS

Base:	7.8 (as of 29-09-2017 - 01:32)
Impact:
Exploitability:

CWE

CWE-189

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:C

oval via4

accepted

2013-04-29T04:00:34.886-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 3
oval oval:org.mitre.oval:def:11782
comment CentOS Linux 3.x
oval oval:org.mitre.oval:def:16651
comment The operating system installed on the system is Red Hat Enterprise Linux 4
oval oval:org.mitre.oval:def:11831
comment CentOS Linux 4.x
oval oval:org.mitre.oval:def:16636
comment Oracle Linux 4.x
oval oval:org.mitre.oval:def:15990
comment The operating system installed on the system is Red Hat Enterprise Linux 5
oval oval:org.mitre.oval:def:11414
comment The operating system installed on the system is CentOS Linux 5.x
oval oval:org.mitre.oval:def:15802
comment Oracle Linux 5.x
oval oval:org.mitre.oval:def:15459

description

Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.

family

unix

oval:org.mitre.oval:def:10025

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.

version

accepted

2009-03-23T04:00:21.781-04:00

class

vulnerability

contributors

name	Pai Peng
organization	Hewlett-Packard

definition_extensions

comment Solaris 9 (SPARC) is installed
oval oval:org.mitre.oval:def:1457
comment Solaris 10 (SPARC) is installed
oval oval:org.mitre.oval:def:1440
comment Solaris 9 (x86) is installed
oval oval:org.mitre.oval:def:1683
comment Solaris 10 (x86) is installed
oval oval:org.mitre.oval:def:1926

description

Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.

family

unix

oval:org.mitre.oval:def:6234

status

accepted

submitted

2009-02-13T15:56:00.000-05:00

title

Security Vulnerabilities in the libxml2 Library Routines xmlBufferResize() May Lead to Denial of Service (DoS)

version

accepted

2010-05-17T04:00:16.481-04:00

class

vulnerability

contributors

name Michael Wood
organization Hewlett-Packard
name Michael Wood
organization Hewlett-Packard
name J. Daniel Brown
organization DTCC

definition_extensions

comment VMWare ESX Server 3.0.3 is installed
oval oval:org.mitre.oval:def:6026
comment VMWare ESX Server 3.0.2 is installed
oval oval:org.mitre.oval:def:5613
comment VMware ESX Server 3.5.0 is installed
oval oval:org.mitre.oval:def:5887

description

Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.

family

unix

oval:org.mitre.oval:def:6415

status

accepted

submitted

2009-09-23T15:39:02.000-04:00

title

Libxml2 Integer Overflow in xmlBufferResize() Lets Remote Users Deny Service

version

redhat via4

advisories

rhsa

id	RHSA-2008:0988

rpms

libxml2-0:2.4.19-12.ent
libxml2-0:2.5.10-14
libxml2-0:2.6.16-12.6
libxml2-0:2.6.26-2.1.2.7
libxml2-debuginfo-0:2.5.10-14
libxml2-debuginfo-0:2.6.16-12.6
libxml2-debuginfo-0:2.6.26-2.1.2.7
libxml2-devel-0:2.4.19-12.ent
libxml2-devel-0:2.5.10-14
libxml2-devel-0:2.6.16-12.6
libxml2-devel-0:2.6.26-2.1.2.7
libxml2-python-0:2.4.19-12.ent
libxml2-python-0:2.5.10-14
libxml2-python-0:2.6.16-12.6
libxml2-python-0:2.6.26-2.1.2.7

refmap via4

apple	APPLE-SA-2009-06-08-1 APPLE-SA-2009-06-17-1
bid	32331
confirm	http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-03-1 http://sunsolve.sun.com/search/document.do?assetkey=1-21-141243-01-1 http://support.apple.com/kb/HT3613 http://support.apple.com/kb/HT3639 http://support.avaya.com/elmodocs2/security/ASA-2009-002.htm http://support.avaya.com/elmodocs2/security/ASA-2009-067.htm http://wiki.rpath.com/Advisories:rPSA-2008-0325 http://www.vmware.com/security/advisories/VMSA-2009-0001.html https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc10 https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc9 https://bugzilla.redhat.com/show_bug.cgi?id=470480
debian	DSA-1666
fedora	FEDORA-2008-9729 FEDORA-2008-9773
gentoo	GLSA-200812-06
mandriva	MDVSA-2008:231
osvdb	49992
sectrack	1021239
secunia	32762 32764 32766 32773 32802 32807 32811 32974 33417 33746 33792 34247 35379 36173 36235
slackware	SSA:2008-324-01
sunalert	251406 261688 265329
ubuntu	USN-673-1
vupen	ADV-2008-3176 ADV-2009-0034 ADV-2009-0301 ADV-2009-0323 ADV-2009-1522 ADV-2009-1621

Last major update

29-09-2017 - 01:32

Published

25-11-2008 - 23:30

Last modified

29-09-2017 - 01:32