ID CVE-2008-4226
Summary Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
References
Vulnerable Configurations
  • cpe:2.3:a:xmlsoft:libxml:2.7.2
    cpe:2.3:a:xmlsoft:libxml:2.7.2
CVSS
Base: 10.0 (as of 26-11-2008 - 09:13)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-10000.NASL
    description This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to an URI library. Update Information: Fixes a couple of security issues when overflowing text data size of buffer size.
    last seen 2016-09-26
    modified 2012-10-01
    plugin id 37490
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37490
    title Fedora 10 2008-10000
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_120954.NASL
    description AM 7.0: Sun Java System Access Manager 2005Q4. Date this patch was last updated by Sun : Nov/03/10 This plugin has been deprecated and either replaced with individual 120954 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 36756
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36756
    title Solaris 10 (sparc) : 120954-12 (deprecated)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_120954.NASL
    description AM 7.0: Sun Java System Access Manager 2005Q4. Date this patch was last updated by Sun : Nov/03/10
    last seen 2018-09-01
    modified 2016-12-09
    plugin id 37271
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37271
    title Solaris 8 (sparc) : 120954-12
  • NASL family SuSE Local Security Checks
    NASL id SUSE_LIBXML2-5756.NASL
    description This update fixes an integer overflow in libxml2 that could lead to memory corruption and arbitrary code execution. (CVE-2008-4226) Thanks to: Drew Yao of Apple Product Security
    last seen 2019-02-21
    modified 2014-06-02
    plugin id 34847
    published 2008-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34847
    title SuSE 10 Security Update : libxml2 (ZYPP Patch Number 5756)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_LIBXML2-5755.NASL
    description This update fixes an integer overflow in libxml2 that could lead to memory corruption and arbitrary code execution. (CVE-2008-4226) Thanks to: Drew Yao of Apple Product Security
    last seen 2019-02-21
    modified 2014-06-02
    plugin id 41555
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41555
    title SuSE 10 Security Update : libxml2 (ZYPP Patch Number 5755)
  • NASL family Windows
    NASL id SAFARI_4.0.NASL
    description The version of Safari installed on the remote Windows host is earlier than 4.0. It therefore is potentially affected by numerous issues in the following components : - CFNetwork - CoreGraphics - ImageIO - International Components for Unicode - libxml - Safari - Safari Windows Installer - WebKit
    last seen 2019-02-21
    modified 2018-07-27
    plugin id 39339
    published 2009-06-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39339
    title Safari < 4.0 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_12286.NASL
    description This update fixes an integer overflow in libxml2 that could lead to memory corruption and arbitrary code execution. (CVE-2008-4226) Thanks to: Drew Yao of Apple Product Security
    last seen 2019-02-21
    modified 2014-06-02
    plugin id 41253
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41253
    title SuSE9 Security Update : libxml2 (YOU Patch Number 12286)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_120955.NASL
    description AM 7.0_x86: Sun Java System Access Manager 2005Q4. Date this patch was last updated by Sun : Nov/03/10
    last seen 2018-09-01
    modified 2016-12-09
    plugin id 38005
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38005
    title Solaris 9 (x86) : 120955-12
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_126357-06.NASL
    description Sun Java System Access Manager 7.1 Solaris_x86. Date this patch was last updated by Sun : Apr/23/11
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107950
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107950
    title Solaris 10 (x86) : 126357-06
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_123923-12.NASL
    description Sun Management Center 3.6.1: Patch for Solaris 10. Date this patch was last updated by Sun : Nov/25/09
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107395
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107395
    title Solaris 10 (sparc) : 123923-12
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SAFARI4_0.NASL
    description The version of Apple Safari installed on the remote Mac OS X host is earlier than 4.0. As such, it is potentially affected by numerous issues in the following components : - CFNetwork - libxml - Safari - WebKit
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 39338
    published 2009-06-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39338
    title Mac OS X : Apple Safari < 4.0
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2009-0001.NASL
    description a. Loading a corrupt delta disk may cause ESX to crash If the VMDK delta disk of a snapshot is corrupt, an ESX host might crash when the corrupted disk is loaded. VMDK delta files exist for virtual machines with one or more snapshots. This change ensures that a corrupt VMDK delta file cannot be used to crash ESX hosts. A corrupt VMDK delta disk, or virtual machine would have to be loaded by an administrator. VMware would like to thank Craig Marshall for reporting this issue. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-4914 to this issue. b. Updated Service Console package net-snmp Net-SNMP is an implementation of the Simple Network Management Protocol (SNMP). SNMP is used by network management systems to monitor hosts. A denial-of-service flaw was found in the way Net-SNMP processes SNMP GETBULK requests. A remote attacker who issued a specially- crafted request could cause the snmpd server to crash. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-4309 to this issue. c. Updated Service Console package libxml2 An integer overflow flaw causing a heap-based buffer overflow was found in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to crash or, possibly, execute arbitrary code. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-4226 to this issue. A denial of service flaw was discovered in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to enter an infinite loop. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-4225 to this issue.
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 40387
    published 2009-07-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40387
    title VMSA-2009-0001 : ESX patches address an issue loading corrupt virtual disks and update Service Console packages
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS7_123919.NASL
    description Sun Management Center 3.6.1: Patch for Solaris 7. Date this patch was last updated by Sun : Dec/01/09
    last seen 2018-09-01
    modified 2016-12-09
    plugin id 23690
    published 2006-11-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23690
    title Solaris 7 (sparc) : 123919-12
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-9729.NASL
    description Fixes a couple of security issues when overflowing text data size of buffer size. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-12-08
    plugin id 34830
    published 2008-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34830
    title Fedora 8 : libxml2-2.7.2-2.fc8 (2008-9729)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2008-231.NASL
    description Drew Yao of the Apple Product Security Team found two flaws in libxml2. The first is a denial of service flaw in libxml2's XML parser. If an application linked against libxml2 were to process certain malformed XML content, it cause the application to enter an infinite loop (CVE-2008-4225). The second is an integer overflow that caused a heap-based buffer overflow in libxml2's XML parser. If an application linked against libxml2 were to process certain malformed XML content, it could cause the application to crash or possibly execute arbitrary code (CVE-2008-4226). The updated packages have been patched to correct these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 36883
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36883
    title Mandriva Linux Security Advisory : libxml2 (MDVSA-2008:231)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_120954.NASL
    description AM 7.0: Sun Java System Access Manager 2005Q4. Date this patch was last updated by Sun : Nov/03/10
    last seen 2018-09-01
    modified 2016-12-09
    plugin id 37533
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37533
    title Solaris 9 (sparc) : 120954-12
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_120955-12.NASL
    description AM 7.0_x86: Sun Java System Access Manager 2005Q4. Date this patch was last updated by Sun : Nov/03/10
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107871
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107871
    title Solaris 10 (x86) : 120955-12
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2008-324-01.NASL
    description New libxml2 packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, and -current to fix security issues including a denial or service or the possible execution of arbitrary code if untrusted XML is processed.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 34822
    published 2008-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34822
    title Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / current : libxml2 (SSA:2008-324-01)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_120955.NASL
    description AM 7.0_x86: Sun Java System Access Manager 2005Q4. Date this patch was last updated by Sun : Nov/03/10 This plugin has been deprecated and either replaced with individual 120955 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 38126
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38126
    title Solaris 10 (x86) : 120955-12 (deprecated)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_126356.NASL
    description Sun Java System Access Manager 7.1 Solaris. Date this patch was last updated by Sun : Jun/19/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 30011
    published 2008-01-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30011
    title Solaris 5.8 (sparc) : 126356-03
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_126356.NASL
    description Sun Java System Access Manager 7.1 Solaris. Date this patch was last updated by Sun : Jun/19/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 44085
    published 2010-01-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44085
    title Solaris 5.9 (x86) : 126356-03
  • NASL family SuSE Local Security Checks
    NASL id SUSE_LIBXML2-5754.NASL
    description This update fixes an integer overflow in libxml2 that could lead to memory corruption and arbitrary code execution. (CVE-2008-4226) Thanks to: Drew Yao of Apple Product Security
    last seen 2019-02-21
    modified 2014-06-13
    plugin id 34846
    published 2008-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34846
    title openSUSE 10 Security Update : libxml2 (libxml2-5754)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_123923.NASL
    description Sun Management Center 3.6.1: Patch for Solaris 10. Date this patch was last updated by Sun : Nov/25/09 This plugin has been deprecated and either replaced with individual 123923 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 37632
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37632
    title Solaris 10 (sparc) : 123923-12 (deprecated)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_127680.NASL
    description Sun Management Center 4.0: Patch for Solaris 8. Date this patch was last updated by Sun : Nov/25/09
    last seen 2018-09-01
    modified 2016-12-09
    plugin id 67163
    published 2013-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67163
    title Solaris 8 (sparc) : 127680-07
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_126356.NASL
    description Sun Java System Access Manager 7.1 Solaris. Date this patch was last updated by Sun : Jun/19/09
    last seen 2018-09-01
    modified 2018-08-22
    plugin id 30007
    published 2008-01-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30007
    title Solaris 5.10 (sparc) : 126356-03
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_120954-12.NASL
    description AM 7.0: Sun Java System Access Manager 2005Q4. Date this patch was last updated by Sun : Nov/03/10
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107369
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107369
    title Solaris 10 (sparc) : 120954-12
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200812-06.NASL
    description The remote host is affected by the vulnerability described in GLSA-200812-06 (libxml2: Multiple vulnerabilities) Multiple vulnerabilities were reported in libxml2: Andreas Solberg reported that libxml2 does not properly detect recursion during entity expansion in an attribute value (CVE-2008-3281). A heap-based buffer overflow has been reported in the xmlParseAttValueComplex() function in parser.c (CVE-2008-3529). Christian Weiske reported that predefined entity definitions in entities are not properly handled (CVE-2008-4409). Drew Yao of Apple Product Security reported an integer overflow in the xmlBufferResize() function that can lead to an infinite loop (CVE-2008-4225). Drew Yao of Apple Product Security reported an integer overflow in the xmlSAX2Characters() function leading to a memory corruption (CVE-2008-4226). Impact : A remote attacker could entice a user or automated system to open a specially crafted XML document with an application using libxml2, possibly resulting in the exeution of arbitrary code or a high CPU and memory consumption. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 35023
    published 2008-12-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35023
    title GLSA-200812-06 : libxml2: Multiple vulnerabilities
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_127681.NASL
    description Sun Management Center 4.0: Patch for Solaris 9. Date this patch was last updated by Sun : Nov/25/09
    last seen 2018-09-01
    modified 2016-12-09
    plugin id 67167
    published 2013-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67167
    title Solaris 9 (sparc) : 127681-07
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_123921.NASL
    description Sun Management Center 3.6.1: Patch for Solaris 9. Date this patch was last updated by Sun : Nov/25/09
    last seen 2018-09-02
    modified 2016-12-09
    plugin id 36354
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36354
    title Solaris 9 (sparc) : 123921-12
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_123924.NASL
    description Sun Management Center 3.6.1_x86: Patch for Solaris 10. Date this patch was last updated by Sun : Nov/25/09 This plugin has been deprecated and either replaced with individual 123924 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 67153
    published 2013-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67153
    title Solaris 10 (x86) : 123924-11 (deprecated)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_126357.NASL
    description Sun Java System Access Manager 7.1 Solaris_x86. Date this patch was last updated by Sun : Jun/19/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 30014
    published 2008-01-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30014
    title Solaris 5.9 (x86) : 126357-03
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_126357.NASL
    description Sun Java System Access Manager 7.1 Solaris_x86. Date this patch was last updated by Sun : Jun/19/09
    last seen 2018-09-01
    modified 2018-08-22
    plugin id 30010
    published 2008-01-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30010
    title Solaris 5.10 (x86) : 126357-03
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_126356-06.NASL
    description Sun Java System Access Manager 7.1 Solaris. Date this patch was last updated by Sun : Apr/23/11
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107450
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107450
    title Solaris 10 (sparc) : 126356-06
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0988.NASL
    description Updated libxml2 packages that fix security issues are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. libxml2 is a library for parsing and manipulating XML files. It includes support for reading, modifying, and writing XML and HTML files. An integer overflow flaw causing a heap-based buffer overflow was found in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2008-4226) A denial of service flaw was discovered in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to enter an infinite loop. (CVE-2008-4225) Red Hat would like to thank Drew Yao of the Apple Product Security team for reporting these issues. Users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 34811
    published 2008-11-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34811
    title RHEL 2.1 / 3 / 4 / 5 : libxml2 (RHSA-2008:0988)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-9773.NASL
    description Fixes a couple of security issues when overflowing text data size of buffer size. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-12-08
    plugin id 34834
    published 2008-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34834
    title Fedora 9 : libxml2-2.7.2-2.fc9 (2008-9773)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0988.NASL
    description Updated libxml2 packages that fix security issues are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. libxml2 is a library for parsing and manipulating XML files. It includes support for reading, modifying, and writing XML and HTML files. An integer overflow flaw causing a heap-based buffer overflow was found in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2008-4226) A denial of service flaw was discovered in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to enter an infinite loop. (CVE-2008-4225) Red Hat would like to thank Drew Yao of the Apple Product Security team for reporting these issues. Users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 37692
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37692
    title CentOS 3 / 4 / 5 : libxml2 (CESA-2008:0988)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-10038.NASL
    description Fixes a couple of security issues when overflowing text data size of buffer size. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-12-08
    plugin id 62272
    published 2012-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62272
    title Fedora 10 : libxml2-2.7.2-2.fc10 (2008-10038)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2009-0018.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Add bug347316.patch to backport fix for bug#347316 from upstream version - Add libxml2-enterprise.patch and update logos in tarball - Fix a couple of crash (CVE-2009-2414, CVE-2009-2416) - Resolves: rhbz#515236 - two patches for size overflows problems (CVE-2008-4225, CVE-2008-4226) - Resolves: rhbz#470474 - Patch to fix an entity name copy buffer overflow (CVE-2008-3529) - Resolves: rhbz#461023 - Better fix for (CVE-2008-3281) - Resolves: rhbz#458095 - change the patch for CVE-2008-3281 due to ABI issues - Resolves: rhbz#458095 - Patch to fix recursive entities handling (CVE-2008-3281) - Resolves: rhbz#458095 - Patch to fix UTF-8 decoding problem (CVE-2007-6284) - Resolves: rhbz#425933
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 79462
    published 2014-11-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79462
    title OracleVM 2.1 : libxml2 (OVMSA-2009-0018)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_X86_126357.NASL
    description Sun Java System Access Manager 7.1 Solaris_x86. Date this patch was last updated by Sun : Jun/19/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 30012
    published 2008-01-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30012
    title Solaris 5.8 (x86) : 126357-03
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_123920.NASL
    description Sun Management Center 3.6.1: Patch for Solaris 8. Date this patch was last updated by Sun : Nov/25/09
    last seen 2018-09-01
    modified 2016-12-09
    plugin id 37363
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37363
    title Solaris 8 (sparc) : 123920-12
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_119467.NASL
    description IS 6.3_x86: Sun Java(TM) System Access Manager 6 2005Q1. Date this patch was last updated by Sun : Jun/29/09
    last seen 2018-09-02
    modified 2016-12-09
    plugin id 23612
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23612
    title Solaris 9 (x86) : 119467-17
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_127682.NASL
    description Sun Management Center 4.0: Patch for Solaris 9_x86. Date this patch was last updated by Sun : Nov/25/09
    last seen 2018-09-01
    modified 2016-12-09
    plugin id 67170
    published 2013-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67170
    title Solaris 9 (x86) : 127682-07
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119467.NASL
    description IS 6.3_x86: Sun Java(TM) System Access Manager 6 2005Q1. Date this patch was last updated by Sun : Jun/29/09 This plugin has been deprecated and either replaced with individual 119467 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 25389
    published 2007-06-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25389
    title Solaris 10 (x86) : 119467-17 (deprecated)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-673-1.NASL
    description Drew Yao discovered that libxml2 did not correctly handle certain corrupt XML documents. If a user or automated system were tricked into processing a malicious XML document, a remote attacker could cause applications linked against libxml2 to enter an infinite loop, leading to a denial of service. (CVE-2008-4225) Drew Yao discovered that libxml2 did not correctly handle large memory allocations. If a user or automated system were tricked into processing a very large XML document, a remote attacker could cause applications linked against libxml2 to crash, leading to a denial of service. (CVE-2008-4226). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-23
    plugin id 36916
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36916
    title Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : libxml2 vulnerabilities (USN-673-1)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_123922.NASL
    description Sun Management Center 3.6.1_x86: Patch for Solaris 9. Date this patch was last updated by Sun : Nov/25/09
    last seen 2018-09-01
    modified 2016-12-09
    plugin id 67169
    published 2013-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67169
    title Solaris 9 (x86) : 123922-11
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_126356.NASL
    description Sun Java System Access Manager 7.1 Solaris. Date this patch was last updated by Sun : Jun/19/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 30013
    published 2008-01-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30013
    title Solaris 5.9 (sparc) : 126356-03
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_123924-11.NASL
    description Sun Management Center 3.6.1_x86: Patch for Solaris 10. Date this patch was last updated by Sun : Nov/25/09
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107898
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107898
    title Solaris 10 (x86) : 123924-11
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20081117_LIBXML2_ON_SL3_X.NASL
    description An integer overflow flaw causing a heap-based buffer overflow was found in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2008-4226) A denial of service flaw was discovered in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to enter an infinite loop. (CVE-2008-4225)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60496
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60496
    title Scientific Linux Security Update : libxml2 on SL3.x, SL4.x, SL5.x i386/x86_64
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1666.NASL
    description Several vulnerabilities have been discovered in the GNOME XML library. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-4225 Drew Yao discovered that missing input sanitising in the xmlBufferResize() function may lead to an infinite loop, resulting in denial of service. - CVE-2008-4226 Drew Yao discovered that an integer overflow in the xmlSAX2Characters() function may lead to denial of service or the execution of arbitrary code.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 34810
    published 2008-11-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34810
    title Debian DSA-1666-1 : libxml2 - several vulnerabilities
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_F1E0164EB67B11DDA55E00163E000016.NASL
    description Secunia reports : Two vulnerabilities have been reported in Libxml2, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise an application using the library. 1) An integer overflow error in the 'xmlSAX2Characters()' function can be exploited to trigger a memory corruption via a specially Successful exploitation may allow execution of arbitrary code, but requires e.g. that the user is tricked into processing an overly large XML file (2GB or more). 2) An integer overflow error in the 'xmlBufferResize()' function can be exploited to trigger the execution of an infinite loop. The vulnerabilities are reported in version 2.7.2. Other versions may also be affected.
    last seen 2019-02-21
    modified 2018-12-19
    plugin id 34840
    published 2008-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34840
    title FreeBSD : libxml2 -- multiple vulnerabilities (f1e0164e-b67b-11dd-a55e-00163e000016)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2008-0988.NASL
    description From Red Hat Security Advisory 2008:0988 : Updated libxml2 packages that fix security issues are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. libxml2 is a library for parsing and manipulating XML files. It includes support for reading, modifying, and writing XML and HTML files. An integer overflow flaw causing a heap-based buffer overflow was found in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2008-4226) A denial of service flaw was discovered in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to enter an infinite loop. (CVE-2008-4225) Red Hat would like to thank Drew Yao of the Apple Product Security team for reporting these issues. Users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-08-13
    plugin id 67769
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67769
    title Oracle Linux 3 / 4 / 5 : libxml2 (ELSA-2008-0988)
  • NASL family Web Servers
    NASL id HPSMH_6_0_0_95.NASL
    description According to its self-reported version number, the HP System Management Homepage install on the remote host is earlier than 6.0.0.96 / 6.0.0-95. Such versions are potentially affected by the following vulnerabilities : - A cross-site scripting (XSS) vulnerability due to a failure to sanitize UTF-7 encoded input. Browsers are only affected if encoding is set to auto-select. (CVE-2008-1468) - An integer overflow in the libxml2 library that can result in a heap overflow. (CVE-2008-4226) - A buffer overflow in the PHP mbstring extension. (CVE-2008-5557) - An unspecified XSS in PHP when 'display_errors' is enabled. (CVE-2008-5814) - Multiple denial of service vulnerabilities in OpenSSL DTLS. (CVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1386, CVE-2009-1387) - A cross-site scripting vulnerability due to a failure to sanitize input to the 'servercert' parameter of '/proxy/smhu/getuiinfo'. (CVE-2009-4185) - An unspecified vulnerability that could allow an attacker to access sensitive information, modify data, or cause a denial of service. (CVE-2010-1034)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 46015
    published 2010-04-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46015
    title HP System Management Homepage < 6.0.0.96 / 6.0.0-95 Multiple Vulnerabilities
oval via4
  • accepted 2009-03-23T04:00:21.430-04:00
    class vulnerability
    contributors
    name Pai Peng
    organization Hewlett-Packard
    definition_extensions
    • comment Solaris 9 (SPARC) is installed
      oval oval:org.mitre.oval:def:1457
    • comment Solaris 10 (SPARC) is installed
      oval oval:org.mitre.oval:def:1440
    • comment Solaris 9 (x86) is installed
      oval oval:org.mitre.oval:def:1683
    • comment Solaris 10 (x86) is installed
      oval oval:org.mitre.oval:def:1926
    description Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
    family unix
    id oval:org.mitre.oval:def:6219
    status accepted
    submitted 2009-02-13T15:56:00.000-05:00
    title Security Vulnerabilities in the libxml2 Library Routines xmlSAX2Characters() May Lead to Arbitrary Code Execution or Denial of Service (DoS)
    version 31
  • accepted 2010-05-17T04:00:14.937-04:00
    class vulnerability
    contributors
    • name Michael Wood
      organization Hewlett-Packard
    • name Michael Wood
      organization Hewlett-Packard
    • name J. Daniel Brown
      organization DTCC
    definition_extensions
    • comment VMWare ESX Server 3.0.3 is installed
      oval oval:org.mitre.oval:def:6026
    • comment VMWare ESX Server 3.0.2 is installed
      oval oval:org.mitre.oval:def:5613
    • comment VMware ESX Server 3.5.0 is installed
      oval oval:org.mitre.oval:def:5887
    description Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
    family unix
    id oval:org.mitre.oval:def:6360
    status accepted
    submitted 2009-09-23T15:39:02.000-04:00
    title Libxml2 Integer Overflow in xmlSAX2Characters() May Let Remote Users Execute Arbitrary Code
    version 5
  • accepted 2013-04-29T04:23:04.825-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
    family unix
    id oval:org.mitre.oval:def:9888
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
    version 24
redhat via4
advisories
bugzilla
id 470480
title CVE-2008-4225 libxml2: integer overflow leading to infinite loop in xmlBufferResize
oval
OR
  • AND
    • comment Red Hat Enterprise Linux 3 is installed
      oval oval:com.redhat.rhsa:tst:20060015001
    • OR
      • AND
        • comment libxml2 is earlier than 0:2.5.10-14
          oval oval:com.redhat.rhsa:tst:20080988002
        • comment libxml2 is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20080032003
      • AND
        • comment libxml2-devel is earlier than 0:2.5.10-14
          oval oval:com.redhat.rhsa:tst:20080988006
        • comment libxml2-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20080032005
      • AND
        • comment libxml2-python is earlier than 0:2.5.10-14
          oval oval:com.redhat.rhsa:tst:20080988004
        • comment libxml2-python is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20080032007
  • AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhsa:tst:20060016001
    • OR
      • AND
        • comment libxml2 is earlier than 0:2.6.16-12.6
          oval oval:com.redhat.rhsa:tst:20080988009
        • comment libxml2 is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20080032003
      • AND
        • comment libxml2-devel is earlier than 0:2.6.16-12.6
          oval oval:com.redhat.rhsa:tst:20080988011
        • comment libxml2-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20080032005
      • AND
        • comment libxml2-python is earlier than 0:2.6.16-12.6
          oval oval:com.redhat.rhsa:tst:20080988010
        • comment libxml2-python is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20080032007
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment libxml2 is earlier than 0:2.6.26-2.1.2.7
          oval oval:com.redhat.rhsa:tst:20080988013
        • comment libxml2 is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080032014
      • AND
        • comment libxml2-devel is earlier than 0:2.6.26-2.1.2.7
          oval oval:com.redhat.rhsa:tst:20080988017
        • comment libxml2-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080032016
      • AND
        • comment libxml2-python is earlier than 0:2.6.26-2.1.2.7
          oval oval:com.redhat.rhsa:tst:20080988015
        • comment libxml2-python is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080032018
rhsa
id RHSA-2008:0988
released 2008-11-17
severity Important
title RHSA-2008:0988: libxml2 security update (Important)
rpms
  • libxml2-0:2.5.10-14
  • libxml2-devel-0:2.5.10-14
  • libxml2-python-0:2.5.10-14
  • libxml2-0:2.6.16-12.6
  • libxml2-devel-0:2.6.16-12.6
  • libxml2-python-0:2.6.16-12.6
  • libxml2-0:2.6.26-2.1.2.7
  • libxml2-devel-0:2.6.26-2.1.2.7
  • libxml2-python-0:2.6.26-2.1.2.7
refmap via4
apple
  • APPLE-SA-2009-06-08-1
  • APPLE-SA-2009-06-17-1
bid 32326
confirm
debian DSA-1666
fedora
  • FEDORA-2008-9729
  • FEDORA-2008-9773
gentoo GLSA-200812-06
hp
  • HPSBMA02492
  • SSRT100079
mandriva MDVSA-2008:231
osvdb 49993
sectrack 1021238
secunia
  • 32762
  • 32764
  • 32766
  • 32773
  • 32802
  • 32807
  • 32811
  • 32872
  • 32974
  • 33417
  • 33746
  • 33792
  • 34247
  • 35379
  • 36173
  • 36235
slackware SSA:2008-324-01
sunalert
  • 251406
  • 261688
  • 265329
suse SUSE-SR:2008:026
ubuntu USN-673-1
vupen
  • ADV-2008-3176
  • ADV-2009-0034
  • ADV-2009-0301
  • ADV-2009-0323
  • ADV-2009-1522
  • ADV-2009-1621
Last major update 07-03-2011 - 22:12
Published 25-11-2008 - 18:30
Last modified 28-09-2017 - 21:32
Back to Top