Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2008-AVI-562
Vulnerability from certfr_avis
Deux vulnérabilités de Libxml2 permettent à un utilisateur malveillant la réalisation d'un déni de service à distance ou d'exécuter du code arbitraire à distance.
Description
Une première vulnérabilité provient d'un débordement d'entier dans la fonction xmlSAX2Characters(). Elle est exploitable par un utilisateur malveillant pour exécuter du code arbitraire à distance.
Une deuxième vulnérabilité, dans la fonction xmlBufferResize(), peut être exploitée pour provoquer une boucle infinie.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Libxml2 2.x.
Impacted products
| Vendor | Product | Description |
|---|
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cp\u003eLibxml2 2.x.\u003c/p\u003e",
"content": "## Description\n\nUne premi\u00e8re vuln\u00e9rabilit\u00e9 provient d\u0027un d\u00e9bordement d\u0027entier dans la\nfonction xmlSAX2Characters(). Elle est exploitable par un utilisateur\nmalveillant pour ex\u00e9cuter du code arbitraire \u00e0 distance.\n\nUne deuxi\u00e8me vuln\u00e9rabilit\u00e9, dans la fonction xmlBufferResize(), peut\n\u00eatre exploit\u00e9e pour provoquer une boucle infinie.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2008-4226",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4226"
},
{
"name": "CVE-2008-4225",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4225"
}
],
"initial_release_date": "2008-11-20T00:00:00",
"last_revision_date": "2008-11-20T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 s\u00e9curit\u00e9 Fedora 8 FEDORA-2008-9729 du 19 novembre 2008 :",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00472.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-1666-1 du 17 novembre 2008 :",
"url": "http://www.debian.org/security/2008/dsa-1666"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 s\u00e9curit\u00e9 Fedora 9 FEDORA-2008-9773 du 19 novembre 2008 :",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00513.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-673-1 du 19 novembre 2008 :",
"url": "http://www.ubuntulinux.org/usn/usn-673-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2008:0988 du 17 novembre 2008 :",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0988.html"
}
],
"reference": "CERTA-2008-AVI-562",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-11-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Deux vuln\u00e9rabilit\u00e9s de Libxml2 permettent \u00e0 un utilisateur malveillant\nla r\u00e9alisation d\u0027un d\u00e9ni de service \u00e0 distance ou d\u0027ex\u00e9cuter du code\narbitraire \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9s de Libxml2",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2008:0988 du 17 novembre 2008",
"url": null
}
]
}
CVE-2008-4226 (GCVE-0-2008-4226)
Vulnerability from cvelistv5
Published
2008-11-25 23:00
Modified
2024-08-07 10:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:08:34.940Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32766",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32766"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3639"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141243-01-1"
},
{
"name": "32326",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32326"
},
{
"name": "32773",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32773"
},
{
"name": "oval:org.mitre.oval:def:6360",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6360"
},
{
"name": "ADV-2009-1621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-03-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470466"
},
{
"name": "oval:org.mitre.oval:def:6219",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6219"
},
{
"name": "FEDORA-2008-9773",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00513.html"
},
{
"name": "32807",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32807"
},
{
"name": "APPLE-SA-2009-06-08-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"name": "FEDORA-2008-9729",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00472.html"
},
{
"name": "49993",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/49993"
},
{
"name": "32764",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32764"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0001.html"
},
{
"name": "USN-673-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-673-1"
},
{
"name": "ADV-2009-0301",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0301"
},
{
"name": "oval:org.mitre.oval:def:9888",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9888"
},
{
"name": "33746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33746"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc9"
},
{
"name": "ADV-2009-0034",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0034"
},
{
"name": "34247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34247"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-067.htm"
},
{
"name": "36173",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36173"
},
{
"name": "ADV-2009-1522",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"name": "HPSBMA02492",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"name": "251406",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-251406-1"
},
{
"name": "GLSA-200812-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200812-06.xml"
},
{
"name": "APPLE-SA-2009-06-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "32872",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32872"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-002.htm"
},
{
"name": "SSA:2008-324-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.473974"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0325"
},
{
"name": "DSA-1666",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1666"
},
{
"name": "32802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32802"
},
{
"name": "35379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35379"
},
{
"name": "32974",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32974"
},
{
"name": "33792",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33792"
},
{
"name": "36235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36235"
},
{
"name": "32762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32762"
},
{
"name": "265329",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-265329-1"
},
{
"name": "RHSA-2008:0988",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0988.html"
},
{
"name": "33417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33417"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc10"
},
{
"name": "261688",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-261688-1"
},
{
"name": "MDVSA-2008:231",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:231"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3613"
},
{
"name": "ADV-2009-0323",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0323"
},
{
"name": "SUSE-SR:2008:026",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html"
},
{
"name": "32811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32811"
},
{
"name": "SSRT100079",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"name": "ADV-2008-3176",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3176"
},
{
"name": "1021238",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021238"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32766",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32766"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3639"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141243-01-1"
},
{
"name": "32326",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32326"
},
{
"name": "32773",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32773"
},
{
"name": "oval:org.mitre.oval:def:6360",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6360"
},
{
"name": "ADV-2009-1621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-03-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470466"
},
{
"name": "oval:org.mitre.oval:def:6219",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6219"
},
{
"name": "FEDORA-2008-9773",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00513.html"
},
{
"name": "32807",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32807"
},
{
"name": "APPLE-SA-2009-06-08-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"name": "FEDORA-2008-9729",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00472.html"
},
{
"name": "49993",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/49993"
},
{
"name": "32764",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32764"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0001.html"
},
{
"name": "USN-673-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-673-1"
},
{
"name": "ADV-2009-0301",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0301"
},
{
"name": "oval:org.mitre.oval:def:9888",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9888"
},
{
"name": "33746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33746"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc9"
},
{
"name": "ADV-2009-0034",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0034"
},
{
"name": "34247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34247"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-067.htm"
},
{
"name": "36173",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36173"
},
{
"name": "ADV-2009-1522",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"name": "HPSBMA02492",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"name": "251406",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-251406-1"
},
{
"name": "GLSA-200812-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200812-06.xml"
},
{
"name": "APPLE-SA-2009-06-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "32872",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32872"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-002.htm"
},
{
"name": "SSA:2008-324-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.473974"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0325"
},
{
"name": "DSA-1666",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1666"
},
{
"name": "32802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32802"
},
{
"name": "35379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35379"
},
{
"name": "32974",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32974"
},
{
"name": "33792",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33792"
},
{
"name": "36235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36235"
},
{
"name": "32762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32762"
},
{
"name": "265329",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-265329-1"
},
{
"name": "RHSA-2008:0988",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0988.html"
},
{
"name": "33417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33417"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc10"
},
{
"name": "261688",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-261688-1"
},
{
"name": "MDVSA-2008:231",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:231"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3613"
},
{
"name": "ADV-2009-0323",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0323"
},
{
"name": "SUSE-SR:2008:026",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html"
},
{
"name": "32811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32811"
},
{
"name": "SSRT100079",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"name": "ADV-2008-3176",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3176"
},
{
"name": "1021238",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021238"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4226",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32766",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32766"
},
{
"name": "http://support.apple.com/kb/HT3639",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3639"
},
{
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141243-01-1",
"refsource": "CONFIRM",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141243-01-1"
},
{
"name": "32326",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32326"
},
{
"name": "32773",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32773"
},
{
"name": "oval:org.mitre.oval:def:6360",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6360"
},
{
"name": "ADV-2009-1621",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-03-1",
"refsource": "CONFIRM",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-03-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=470466",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470466"
},
{
"name": "oval:org.mitre.oval:def:6219",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6219"
},
{
"name": "FEDORA-2008-9773",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00513.html"
},
{
"name": "32807",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32807"
},
{
"name": "APPLE-SA-2009-06-08-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"name": "FEDORA-2008-9729",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00472.html"
},
{
"name": "49993",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/49993"
},
{
"name": "32764",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32764"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0001.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0001.html"
},
{
"name": "USN-673-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-673-1"
},
{
"name": "ADV-2009-0301",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0301"
},
{
"name": "oval:org.mitre.oval:def:9888",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9888"
},
{
"name": "33746",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33746"
},
{
"name": "https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc9",
"refsource": "CONFIRM",
"url": "https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc9"
},
{
"name": "ADV-2009-0034",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0034"
},
{
"name": "34247",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34247"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2009-067.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-067.htm"
},
{
"name": "36173",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36173"
},
{
"name": "ADV-2009-1522",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"name": "HPSBMA02492",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"name": "251406",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-251406-1"
},
{
"name": "GLSA-200812-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200812-06.xml"
},
{
"name": "APPLE-SA-2009-06-17-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "32872",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32872"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2009-002.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-002.htm"
},
{
"name": "SSA:2008-324-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.473974"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2008-0325",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0325"
},
{
"name": "DSA-1666",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1666"
},
{
"name": "32802",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32802"
},
{
"name": "35379",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35379"
},
{
"name": "32974",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32974"
},
{
"name": "33792",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33792"
},
{
"name": "36235",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36235"
},
{
"name": "32762",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32762"
},
{
"name": "265329",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-265329-1"
},
{
"name": "RHSA-2008:0988",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0988.html"
},
{
"name": "33417",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33417"
},
{
"name": "https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc10",
"refsource": "CONFIRM",
"url": "https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc10"
},
{
"name": "261688",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-261688-1"
},
{
"name": "MDVSA-2008:231",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:231"
},
{
"name": "http://support.apple.com/kb/HT3613",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3613"
},
{
"name": "ADV-2009-0323",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0323"
},
{
"name": "SUSE-SR:2008:026",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html"
},
{
"name": "32811",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32811"
},
{
"name": "SSRT100079",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"name": "ADV-2008-3176",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3176"
},
{
"name": "1021238",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021238"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4226",
"datePublished": "2008-11-25T23:00:00",
"dateReserved": "2008-09-24T00:00:00",
"dateUpdated": "2024-08-07T10:08:34.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4225 (GCVE-0-2008-4225)
Vulnerability from cvelistv5
Published
2008-11-25 23:00
Modified
2024-08-07 10:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:08:35.001Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32766",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32766"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3639"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141243-01-1"
},
{
"name": "32773",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32773"
},
{
"name": "ADV-2009-1621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-03-1"
},
{
"name": "FEDORA-2008-9773",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00513.html"
},
{
"name": "32807",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32807"
},
{
"name": "APPLE-SA-2009-06-08-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"name": "FEDORA-2008-9729",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00472.html"
},
{
"name": "32764",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32764"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0001.html"
},
{
"name": "USN-673-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-673-1"
},
{
"name": "ADV-2009-0301",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0301"
},
{
"name": "oval:org.mitre.oval:def:10025",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10025"
},
{
"name": "33746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33746"
},
{
"name": "1021239",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021239"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc9"
},
{
"name": "ADV-2009-0034",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0034"
},
{
"name": "34247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34247"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-067.htm"
},
{
"name": "49992",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/49992"
},
{
"name": "36173",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36173"
},
{
"name": "ADV-2009-1522",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"name": "251406",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-251406-1"
},
{
"name": "GLSA-200812-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200812-06.xml"
},
{
"name": "APPLE-SA-2009-06-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-002.htm"
},
{
"name": "SSA:2008-324-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.473974"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0325"
},
{
"name": "DSA-1666",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1666"
},
{
"name": "32802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32802"
},
{
"name": "35379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35379"
},
{
"name": "32974",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32974"
},
{
"name": "oval:org.mitre.oval:def:6415",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6415"
},
{
"name": "33792",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33792"
},
{
"name": "36235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36235"
},
{
"name": "32762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32762"
},
{
"name": "265329",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-265329-1"
},
{
"name": "RHSA-2008:0988",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0988.html"
},
{
"name": "33417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33417"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc10"
},
{
"name": "261688",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-261688-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470480"
},
{
"name": "MDVSA-2008:231",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:231"
},
{
"name": "32331",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32331"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3613"
},
{
"name": "ADV-2009-0323",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0323"
},
{
"name": "32811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32811"
},
{
"name": "ADV-2008-3176",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3176"
},
{
"name": "oval:org.mitre.oval:def:6234",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6234"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32766",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32766"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3639"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141243-01-1"
},
{
"name": "32773",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32773"
},
{
"name": "ADV-2009-1621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-03-1"
},
{
"name": "FEDORA-2008-9773",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00513.html"
},
{
"name": "32807",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32807"
},
{
"name": "APPLE-SA-2009-06-08-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"name": "FEDORA-2008-9729",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00472.html"
},
{
"name": "32764",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32764"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0001.html"
},
{
"name": "USN-673-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-673-1"
},
{
"name": "ADV-2009-0301",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0301"
},
{
"name": "oval:org.mitre.oval:def:10025",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10025"
},
{
"name": "33746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33746"
},
{
"name": "1021239",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021239"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc9"
},
{
"name": "ADV-2009-0034",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0034"
},
{
"name": "34247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34247"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-067.htm"
},
{
"name": "49992",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/49992"
},
{
"name": "36173",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36173"
},
{
"name": "ADV-2009-1522",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"name": "251406",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-251406-1"
},
{
"name": "GLSA-200812-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200812-06.xml"
},
{
"name": "APPLE-SA-2009-06-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-002.htm"
},
{
"name": "SSA:2008-324-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.473974"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0325"
},
{
"name": "DSA-1666",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1666"
},
{
"name": "32802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32802"
},
{
"name": "35379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35379"
},
{
"name": "32974",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32974"
},
{
"name": "oval:org.mitre.oval:def:6415",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6415"
},
{
"name": "33792",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33792"
},
{
"name": "36235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36235"
},
{
"name": "32762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32762"
},
{
"name": "265329",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-265329-1"
},
{
"name": "RHSA-2008:0988",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0988.html"
},
{
"name": "33417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33417"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc10"
},
{
"name": "261688",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-261688-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470480"
},
{
"name": "MDVSA-2008:231",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:231"
},
{
"name": "32331",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32331"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3613"
},
{
"name": "ADV-2009-0323",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0323"
},
{
"name": "32811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32811"
},
{
"name": "ADV-2008-3176",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3176"
},
{
"name": "oval:org.mitre.oval:def:6234",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6234"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4225",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32766",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32766"
},
{
"name": "http://support.apple.com/kb/HT3639",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3639"
},
{
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141243-01-1",
"refsource": "CONFIRM",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141243-01-1"
},
{
"name": "32773",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32773"
},
{
"name": "ADV-2009-1621",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-03-1",
"refsource": "CONFIRM",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-03-1"
},
{
"name": "FEDORA-2008-9773",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00513.html"
},
{
"name": "32807",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32807"
},
{
"name": "APPLE-SA-2009-06-08-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"name": "FEDORA-2008-9729",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00472.html"
},
{
"name": "32764",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32764"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0001.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0001.html"
},
{
"name": "USN-673-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-673-1"
},
{
"name": "ADV-2009-0301",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0301"
},
{
"name": "oval:org.mitre.oval:def:10025",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10025"
},
{
"name": "33746",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33746"
},
{
"name": "1021239",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021239"
},
{
"name": "https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc9",
"refsource": "CONFIRM",
"url": "https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc9"
},
{
"name": "ADV-2009-0034",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0034"
},
{
"name": "34247",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34247"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2009-067.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-067.htm"
},
{
"name": "49992",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/49992"
},
{
"name": "36173",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36173"
},
{
"name": "ADV-2009-1522",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"name": "251406",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-251406-1"
},
{
"name": "GLSA-200812-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200812-06.xml"
},
{
"name": "APPLE-SA-2009-06-17-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2009-002.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-002.htm"
},
{
"name": "SSA:2008-324-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.473974"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2008-0325",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0325"
},
{
"name": "DSA-1666",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1666"
},
{
"name": "32802",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32802"
},
{
"name": "35379",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35379"
},
{
"name": "32974",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32974"
},
{
"name": "oval:org.mitre.oval:def:6415",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6415"
},
{
"name": "33792",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33792"
},
{
"name": "36235",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36235"
},
{
"name": "32762",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32762"
},
{
"name": "265329",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-265329-1"
},
{
"name": "RHSA-2008:0988",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0988.html"
},
{
"name": "33417",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33417"
},
{
"name": "https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc10",
"refsource": "CONFIRM",
"url": "https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc10"
},
{
"name": "261688",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-261688-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=470480",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470480"
},
{
"name": "MDVSA-2008:231",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:231"
},
{
"name": "32331",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32331"
},
{
"name": "http://support.apple.com/kb/HT3613",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3613"
},
{
"name": "ADV-2009-0323",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0323"
},
{
"name": "32811",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32811"
},
{
"name": "ADV-2008-3176",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3176"
},
{
"name": "oval:org.mitre.oval:def:6234",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6234"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4225",
"datePublished": "2008-11-25T23:00:00",
"dateReserved": "2008-09-24T00:00:00",
"dateUpdated": "2024-08-07T10:08:35.001Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…