ID CVE-2009-2416
Summary Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.
References
Vulnerable Configurations
  • cpe:2.3:a:xmlsoft:libxml:1.8.17:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.8.17:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 10-10-2018 - 19:40)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
oval via4
  • accepted 2014-01-20T04:01:36.835-05:00
    class vulnerability
    contributors
    • name Pai Peng
      organization Hewlett-Packard
    • name Chris Coffin
      organization The MITRE Corporation
    definition_extensions
    • comment VMWare ESX Server 3.0.3 is installed
      oval oval:org.mitre.oval:def:6026
    • comment VMware ESX Server 3.5.0 is installed
      oval oval:org.mitre.oval:def:5887
    • comment VMware ESX Server 4.0 is installed
      oval oval:org.mitre.oval:def:6293
    description Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.
    family unix
    id oval:org.mitre.oval:def:7783
    status accepted
    submitted 2010-03-19T16:57:59.000-04:00
    title VMware libxml2 use-after-free vulnerability
    version 7
  • accepted 2013-04-29T04:18:37.597-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.
    family unix
    id oval:org.mitre.oval:def:9262
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.
    version 25
redhat via4
advisories
bugzilla
id 515205
title CVE-2009-2416 libxml, libxml2, mingw32-libxml2: Pointer use-after-free flaws by parsing Notation and Enumeration attribute types
oval
OR
  • AND
    • comment Red Hat Enterprise Linux 3 is installed
      oval oval:com.redhat.rhba:tst:20070026001
    • OR
      • AND
        • comment libxml is earlier than 1:1.8.17-9.3
          oval oval:com.redhat.rhsa:tst:20091206002
        • comment libxml is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20091206003
      • AND
        • comment libxml-devel is earlier than 1:1.8.17-9.3
          oval oval:com.redhat.rhsa:tst:20091206004
        • comment libxml-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20091206005
      • AND
        • comment libxml2 is earlier than 0:2.5.10-15
          oval oval:com.redhat.rhsa:tst:20091206006
        • comment libxml2 is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20080032003
      • AND
        • comment libxml2-devel is earlier than 0:2.5.10-15
          oval oval:com.redhat.rhsa:tst:20091206008
        • comment libxml2-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20080032005
      • AND
        • comment libxml2-python is earlier than 0:2.5.10-15
          oval oval:com.redhat.rhsa:tst:20091206010
        • comment libxml2-python is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20080032007
  • AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhba:tst:20070304001
    • OR
      • AND
        • comment libxml2 is earlier than 0:2.6.16-12.7
          oval oval:com.redhat.rhsa:tst:20091206013
        • comment libxml2 is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20080032003
      • AND
        • comment libxml2-devel is earlier than 0:2.6.16-12.7
          oval oval:com.redhat.rhsa:tst:20091206015
        • comment libxml2-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20080032005
      • AND
        • comment libxml2-python is earlier than 0:2.6.16-12.7
          oval oval:com.redhat.rhsa:tst:20091206014
        • comment libxml2-python is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20080032007
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment libxml2 is earlier than 0:2.6.26-2.1.2.8
          oval oval:com.redhat.rhsa:tst:20091206017
        • comment libxml2 is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080032014
      • AND
        • comment libxml2-devel is earlier than 0:2.6.26-2.1.2.8
          oval oval:com.redhat.rhsa:tst:20091206021
        • comment libxml2-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080032016
      • AND
        • comment libxml2-python is earlier than 0:2.6.26-2.1.2.8
          oval oval:com.redhat.rhsa:tst:20091206019
        • comment libxml2-python is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080032018
rhsa
id RHSA-2009:1206
released 2009-08-10
severity Moderate
title RHSA-2009:1206: libxml and libxml2 security update (Moderate)
rpms
  • libxml-1:1.8.17-9.3
  • libxml-devel-1:1.8.17-9.3
  • libxml2-0:2.5.10-15
  • libxml2-devel-0:2.5.10-15
  • libxml2-python-0:2.5.10-15
  • libxml2-0:2.6.16-12.7
  • libxml2-devel-0:2.6.16-12.7
  • libxml2-python-0:2.6.16-12.7
  • libxml2-0:2.6.26-2.1.2.8
  • libxml2-devel-0:2.6.26-2.1.2.8
  • libxml2-python-0:2.6.26-2.1.2.8
refmap via4
apple
  • APPLE-SA-2009-11-09-1
  • APPLE-SA-2009-11-11-1
  • APPLE-SA-2010-06-21-1
bid 36010
bugtraq 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components
confirm
debian DSA-1859
fedora
  • FEDORA-2009-8491
  • FEDORA-2009-8498
  • FEDORA-2009-8580
misc
mlist [debian-bugs-dist] 20090810 Bug#540865: libxml2: CVE-2009-2414, CVE-2009-2416 pointer-user-after-free and stack overflow because of function recursion
secunia
  • 35036
  • 36207
  • 36338
  • 36417
  • 36631
  • 37346
  • 37471
suse SUSE-SR:2009:015
ubuntu USN-815-1
vupen
  • ADV-2009-2420
  • ADV-2009-3184
  • ADV-2009-3217
  • ADV-2009-3316
Last major update 10-10-2018 - 19:40
Published 11-08-2009 - 18:30
Back to Top