- Home
- CVEs with nessus.description==Updated libxslt packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5.
This update has been rated as having moderate security impact by the Red Hat Security Response Team.
libxslt is a library for transforming XML files into other XML files using the standard XSLT stylesheet transformation mechanism.
A heap buffer overflow flaw was discovered in the RC4 libxslt library extension. An attacker could create a malicious XSL file that would cause a crash, or, possibly, execute arbitrary code with the privileges of the application using the libxslt library to perform XSL transformations on untrusted XSL style sheets. (CVE-2008-2935)
Red Hat would like to thank Chris Evans for reporting this vulnerability.
All libxslt users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top